republican-creole
Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsJob BoardISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Tech and Talk » OS and Software » No, I Will Not Fix Your #@$!! Computer » MS Exchange admin auditing
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
upgrade ideas? »
« Hardware load balancer recommendations  
AuthorAll Replies


midranger4
Stupid Is In Vogue
Premium
join:2002-01-18
Levittown, PA

reply to B
Re: MS Exchange admin auditing

said by B See Profile :

Your auditors are misinformed and/or misguided. There are no safeguards that can be put in place if you don't trust the IT staff who are responsible for putting in the safeguards!

If the auditors wish to ensure that only mailbox owners can see their e-mail, then it should be a company-wide enforced policy that ONLY encrypted messages are sent, received, accepted, and viewed.

If you've got a mail store full of unencrypted messages it's an exercise in major stupidity to try to police your IT department. Who cares if they haven't accessed a message yet -- they can at any time! What if a backup is taken off site, or a disk or VM image cloned? Who watches the watchers?

Auditors are idiots. Try hard to avoid them.

-- B
I am sadly aware that auditors are indeed the spawn of Satan but it does not preclude me from having to answer to them. I'm not so sure that they are looking to revoke authority per se but rather for the ability to see if authority inherent to being an admin is being abused.

I can understand their position on this. Sensitive and confidential emails are sent at the upper management level with little regard for any potential compromise as associated with the content of any given email. With that said I can't say I agree that trust in the administrative staff exclusively should be the only measure of security.

If as you describe the only alternative is encrypted messages than maybe that is the course that should be taken. What I believe the auditors seek is something in between that gives them the ability to spot check. For instance a report that might contain the name of any/all mailboxes accessed by anyone other than the owner along with a date and time stamp.

Is such a request really that unobtainable?
--
Democracy is the illusion of Freedom
to forum · permalink · · 2008-05-02 15:29:21 · Reply to this
Forums » Tech and Talk » OS and Software » No, I Will Not Fix Your #@$!! Computerupgrade ideas? »
« Hardware load balancer recommendations  

Friday, 10-Oct 20:11:04 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 9 years online! © 1999-2008 dslreports.com.
page compression OFF
Most commented news this week
· [139] It's Cable TV Rate Hike Season
· [95] Wholesale Bandwidth Prices Still Dropping
· [95] Is Comcast Cooking Up a 22Mbps/5Mbps Tier?
· [94] Symmetrical FiOS No Longer Qualifies For Bundle Discounts
· [79] Time Warner's Ugly Feud With LIN TV
· [77] Half Of New iPhone Owners Came From Verizon
· [70] Supreme Court TiVo/Echostar Ruling
· [70] Microsoft: U.S. Broadband Policy 'Total Failure'
· [66] Verizon Unveils Blackberry Storm
· [64] XOHM Online In Additional Launch Markets
Most people now reading
· [Connectivity] Neighbor using MY router to connect to Internet? [Comcast HSI]
· Comments about complaints [TekSavvy]
· WOW CEO forces employees to listen to pro-Obama speach today [Rants, Raves, & Praise]
· New AMERO Currency [56k lookout! (broadband heavy)]
· Homeowner Says Cable Mistake Filled Kitchen With Raw Sewage [Comcast Cable TV]
· AT&T/Bellsouth $125 cable switch rebate BS. [AT&T Southeast]
· Safty Question about K & T wiring. Very worried... [Home Repair & Improvement]
· Heads up; Usenet, "Rarpassgen.exe" virus [TekSavvy]
· IMG 1.6 Build 06.89 Released [Verizon FIOS TV]