Close the barn door now! Avoid the risk of not monitoring retained access before it’s a problem

It would be far better if those doing the contracting, hiring, or engagement management had it in their built-in process that when a contract concludes or an employee moves or departs, IT is informed, accounting is informed, and human resources is informed.

It’s absurd to allow an employee to simply walk away and wait for a “no activity” alert — or in the case of the nefarious, a “too much activity” alert as they fleece or compromise the infrastructure to which they once had authorized access and now have “unauthorized” access.  

Need-to-know 101

Admittedly, I’ve been steeped in the philosophy of “need-to-know” since I was a teen entering on duty at the CIA as a file clerk in the file room of the Office of Security. In the intelligence world, individuals are “read in” or “read out” of programs. It’s more than symbolic that the first thing that happens when someone is read out is the retrieval of their badge, which removes physical access to the premises.

I was taught on day one the meanings of limited access and environmental security and saw with my own eyes the machinations that took place when one transferred out of the unit to ensure their access was not retained — door combinations changed, access control logs updated, databases adjusted to reflect access, badge access deactivated (and yes, all of these are largely analog, as I am that old that these files were paper).

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button