Security: Provisioning
Firing Line
As in McCausland's anecdotal experience, smaller companies did indeed perform worse in the survey: 54 percent of companies with fewer than 10,000 employees reported a lag of more than two days, while just 32 percent of companies with more than 10,000 employees reacted as slowly. And European companies reacted more slowly than did North American or Asian companies: More than 20 percent of European companies took two weeks or more, while just 10 percent of North American and Asian companies reported taking as long.
All Kinds of Access
The conventional wisdom is that businesses are most at risk from individuals who have been abruptly fired - perhaps as a result of performance-related issues or through downsizing - and who consequently harbor a grudge. While that's probably true, experts stress that the real risk is much broader.
Individuals who have left voluntarily, for example, may still want to strike back or simply seek to exploit weaknesses to further their careers at a competitor. The Novell-Stanford-Hong Kong study, for example, cites a former employee at a global investment bank, now working for a competitor, who was able to access her voice mail for months after she had left, gaining access to all internal banking announcements. That kind of risk can even extend to current employees, as companies typically have more internal movers than they do leavers. The level of access that is appropriate for one position in a company may not be appropriate for another, but how many companies proactively (and promptly) change user access rights when individuals move from one function to another?
Not as many as ought to, asserts Deepak Taneja, CTO of security software purveyor Netegrity. "We see this a lot," he says. "It's a real problem." The reason, it appears, is that businesses are blind to the termination implications of internal moves. When Joe in IT moved to customer support, his access rights were left unchanged, either because of apathy or because for an intended interim period it actually made sense. But five years later, when the customer support function is outsourced and Joe is suddenly axed, the fact that the company has just fired someone with current IT-function access rights is forgotten - until it is too late.
The potential risk, of course, goes beyond mere electronic vandalism. Many employees who might think twice about inflicting damage will be far more sanguine about stealing information. And incredibly, "A lot of people don't think about things like intellectual property and commercially sensitive information when undertaking layoffs," warns one seasoned CSO who asked not to be identified.
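An added example, not part of the original article: a reconciliation check for the two gaps described above, movers who keep access from a previous function and leavers whose access outlasts the survey's two-day mark. Role names, entitlement names, users and dates are constructed, and the per-role baselines are an assumption about how access is modelled.

```python
from datetime import date

# Constructed baselines: entitlements each function is expected to hold.
ROLE_BASELINE = {
    "it": {"email", "vpn", "domain-admin", "backup-console"},
    "customer-support": {"email", "vpn", "ticketing"},
    "banking": {"email", "voicemail"},
}

# Constructed HR feed: current role and termination date (None = still employed).
HR_RECORDS = {
    "joe": {"role": "customer-support", "terminated": date(2024, 6, 3)},
    "ann": {"role": "banking", "terminated": date(2024, 3, 1)},
    "raj": {"role": "it", "terminated": None},
    "eve": {"role": "customer-support", "terminated": None},
}

# Constructed export of what each account can still reach.
GRANTED = {
    "joe": {"email", "vpn", "ticketing", "domain-admin", "backup-console"},
    "ann": {"voicemail"},
    "raj": {"email", "vpn", "domain-admin", "backup-console"},
    "eve": {"email", "vpn", "ticketing"},
}

TODAY = date(2024, 6, 10)  # constructed review date


def mover_drift(hr, granted, baselines):
    """Entitlements held beyond the baseline of the user's *current* role."""
    drift = {}
    for user, rec in hr.items():
        extra = granted.get(user, set()) - baselines[rec["role"]]
        if extra:
            drift[user] = extra
    return drift


def lingering_leavers(hr, granted, today, max_lag_days=2):
    """Terminated users still holding any access after the allowed lag (in days)."""
    late = {}
    for user, rec in hr.items():
        left = rec["terminated"]
        if left and (today - left).days > max_lag_days and granted.get(user):
            late[user] = (today - left).days
    return late


if __name__ == "__main__":
    print("drift:", mover_drift(HR_RECORDS, GRANTED, ROLE_BASELINE))
    print("late revocations:", lingering_leavers(HR_RECORDS, GRANTED, TODAY))
```

Running the drift check on every role change, rather than only at termination, surfaces a case like Joe's while he is still employed.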