[ale] Security best practice - Remove or disable user accounts?

Jeff Hubbs hbbs at comcast.net
Thu Aug 7 12:51:28 EDT 2008


There are "best practices" and then there's actually thinking about what 
you want to have happen, figuring out how to do it, and executing it as 
planned.

What ought to happen in most cases is that when a user leaves (or, if 
the user is being shown the door, *before* the user knows what's about 
to hit him), the user's read/write access should be stopped (i.e., by 
changing passwords, carting off machine(s), disconnection). Then, his 
files (including e-mail) should be copied off and made available in a 
read-only, controlled-access fashion (e.g., CD/DVD) and stored, and then 
the files should be deleted securely (i.e., overwritten or destroyed) 
along with any accounts.

Some people disable accounts so that managers or admins can just reset 
the password and log in as the user to see their e-mails, get their 
files, etc. Bad Idea (TM). Someone could have left some code or script 
behind as a "hand-grenade" such that someone logging in and not knowing 
what special thing to do next had the effect of "pulling the pin." Good 
way to lose your data warehouse, have the boss' g04ts3x pr0n e-mailed to 
the entire company, disable your PBX and have Alice Cooper songs playing 
as the outgoing message to all callers, etc.

Again: "best practices" are purported bits of knowledge that IT 
professionals that weren't working retail at Belk's only two years 
before are supposed to already know...assuming the BPs in question were 
applicable or even sensible in the first place.

By the way, at none of the places I have ever worked, whether I resigned 
or was laid off, was the sort of thing I just described *ever* done - 
unless I did it myself.

- Jeff

Jeff Lightner wrote:
>
> At a former job the policy was to disable rather than remove user 
> accounts.
>
> However, on checking for “best practices” I don’t find any indication 
> why this should be and find several references to removing them 
> completely.
>
> Does anyone know of a best practice that explains why disabling would 
> be preferable to removing?
>   
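
Added example, not part of the original message: one way to act on the warning about logging in as a departed user is to inventory, from an administrator's own account, the files in that user's home directory that would run at login, session start or mail delivery. The function names and the hook list (an illustrative subset) are assumptions, and `sha256sum` is assumed to be installed.

```shell
#!/bin/sh
# Added example (not from the original post): list the files in a departed
# user's home directory that run automatically at login, session start or
# mail delivery, so an admin can read them from their own account instead of
# logging in as the user. The hook list is an illustrative subset.

AUTORUN_FILES=".profile .bash_profile .bash_login .bashrc .bash_logout
.zshenv .zprofile .zshrc .zlogin .cshrc .login .xinitrc .xsession .xprofile
.forward .procmailrc .ssh/rc"

# report_hook HOME_DIR REL_PATH
# Prints "<sha256>  <rel path>" if the hook exists; returns 1 if it does not.
# The file is hashed only, never sourced or executed.
report_hook() {
    target="$1/$2"
    [ -e "$target" ] || [ -L "$target" ] || return 1
    if [ -f "$target" ] && [ ! -L "$target" ]; then
        sum=$(sha256sum < "$target" | cut -d' ' -f1)
    else
        sum="NOT-A-REGULAR-FILE"   # symlink, FIFO, directory: inspect by hand
    fi
    printf '%s  %s\n' "$sum" "$2"
}

# audit_autorun HOME_DIR
# Prints one line per hook found; returns 2 if HOME_DIR is not a directory.
audit_autorun() {
    home="${1%/}"
    [ -d "$home" ] || { echo "not a directory: $home" >&2; return 2; }
    for rel in $AUTORUN_FILES; do
        report_hook "$home" "$rel" || true
    done
    # Desktop autostart entries (freedesktop.org convention).
    for entry in "$home"/.config/autostart/*.desktop; do
        report_hook "$home" "${entry#"$home"/}" || true
    done
    return 0
}

# Constructed sample: a throwaway "home" with one login hook and one document.
demo_home=$(mktemp -d)
printf 'echo constructed sample hook\n' > "$demo_home/.bash_profile"
printf 'quarterly notes\n' > "$demo_home/notes.txt"
audit_autorun "$demo_home"
rm -rf "$demo_home"
```

The hashes can be stored alongside the read-only archive so that anyone reviewing the files later can confirm they have not changed.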


