Go Premium for a chance to win a PS4. Enter to Win


Any Reliable IT Security Consultants in LA?

Posted on 2011-09-12
Medium Priority
Last Modified: 2012-05-12
A CEO friend is concerned that the head of his IT department may be abusing privileges and poking into things he shouldn't be. The guy seems to know a lot about incoming e-mails, documents, and other stuff that should be private.

Without going into details, the CEO doesn't want to take my initial recommendation (fire the guy immediately). He'd rather keep him and instead take away temptation by locking down areas of the network like the contents of the mail server or the CEO's personal hard drive / network share that aren't necessary for the guy to do his job -- or at least have some tools to monitor and notify him of internal abuse.

I feel for my friend and really want to help him out. He's great at running his company but knows nothing about IT. I realize this probably ends up with the IT guy out on his ear, but before that happens, can someone please recommend a great, reliable LA-based consultant who can come in, review policies, and help put some controls in place?
Question by:RedmondGuy
  • 2

Accepted Solution

Jacobfw earned 501 total points
ID: 36526884
I am going to suggest that he saves his money from a consultant and understand that any IT personnel that has lost the confidence of the CEO needs to go.   Any consultant that would take his money and promise to lock down the network to such a degree so going to need ongoing access to ensure compliance with these new policies.  Can he trust the consultant?

IT must be above suspician or be subject to audit and review.  In a little shop, it just comes down to trust.

LVL 32

Assisted Solution

aleghart earned 999 total points
ID: 36527214
I hate saying 'me too'...but Jacobfw is on the money.

The head of IT in a small company can see everything.  If it's locked down...the master admin is the person who would lock it down _and_ open it up again.

Even in "no admin access" situation like contracted storage, the admins supposedly have no direct-access to bit-level storage, thus there are no files to see.  But, they could gain access to web page logins, thus giving the files up while logged in as the original user.

Access need be logged and monitored and audited.  You can see simultaneous logins or logins from disparate locations (20 miles but only two minutes apart).  In a small business there isn't that level of monitoring (generally).

A partial solution is 100% monitoring of all workstations with a product like Spector360.  But, again, the master admin is the person with rights to exclude workstations or time periods, or could attach a personal computer that is not monitored.

Exchange's Outlook Web Access (OWA) makes it incredibly easy to log in as another user on the fly, read message traffic, then logout again.  This makes email snooping easy from any location that has web access to the mail server.

At the very least, even if access is "allowed", the admin's job is discretion.  Maybe I know that the IRS is setting up an audit next week.  I wouldn't talk about it.  Maybe I know that XYZ is getting a divorce or has a wage garnishment...I wouldn't blindside a co-worker with advice or sympathy...it's out of line.

Even a congratulations to a buddy for a pay-raise...because you saw some HR traffic or files...would be grounds for reprimand or dismissal in some larger organizations.

People _do_ snoop.  That's why there are controls and expectations.  Obviously, with an admin, controls are a problem. Expectations should be made clear.  Has the CEO ever made the expectations of privacy clear?  The old-school 'god complex' can still be found with some admins.  If the person was hired with no guidelines, he/she would naturally adopt established patterns of behavior.

You can't take away the priveleges without hiring another admin or consultant with more priveleges and experience in counter-snooping (if that's a technical term).  Now you have another heap of problems to deal with.  Dueling admins could be destructive.
LVL 32

Assisted Solution

aleghart earned 999 total points
ID: 36527224
"....unless you manage all aspects of Exchange by yourself, you are going to have to delegate some administrative tasks and therefore trust those responsible for these tasks...."

From this page on expanding the Exchange server monitor to log more than just the last login.


Author Closing Comment

ID: 36530577
Not exactly as asked, but can't fault the logic.

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like me and like multiple layers of protection, read on!
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question