Not long ago, I posted about snooping admins and suggested some ways to prevent them from abusing their positions. Today, we have an example of an administrator who used his powers to prevent other admins from logging into the network.

Terry Childs, who had become disgruntled over discipline for poor performance, reconfigured the network so that only he had access. He has refused to surrender the password for his account, and at the time the linked article was written, work was still being done to regain access to the network.

So, we can add this to the list of things to be wary of when handing out permissions to administrators. It looks like they knew about a month ago that this guy was up to something, but he was still able to cause all this trouble. It’s good to see that the security of the network is strong enough to keep you out if you don’t have the right password, but maybe there should be some sort of emergency break-in procedure for a situation like this.

Another lesson to take from this is that dealing with people and their egos is a delicate task. It pays to be careful how you handle employees. Security is bound to fail when your own people are working against it.

This entry was posted on Tuesday, July 15th, 2008 at 6:18 pm by Mike Markiewicz and is filed under passwords. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.