

Any Reliable IT Security Consultants in LA?

Posted on 2011-09-12
Medium Priority
Last Modified: 2012-05-12
A CEO friend is concerned that the head of his IT department may be abusing privileges and poking into things he shouldn't be. The guy seems to know a lot about incoming e-mails, documents, and other stuff that should be private.

Without going into details, the CEO doesn't want to take my initial recommendation (fire the guy immediately). He'd rather keep him and instead take away temptation by locking down areas of the network like the contents of the mail server or the CEO's personal hard drive / network share that aren't necessary for the guy to do his job -- or at least have some tools to monitor and notify him of internal abuse.

I feel for my friend and really want to help him out. He's great at running his company but knows nothing about IT. I realize this probably ends up with the IT guy out on his ear, but before that happens, can someone please recommend a great, reliable LA-based consultant who can come in, review policies, and help put some controls in place?
Question by:RedmondGuy

Accepted Solution

Jacobfw earned 501 total points
ID: 36526884
I am going to suggest that he saves his money from a consultant and understands that any IT personnel that has lost the confidence of the CEO needs to go. Any consultant that would take his money and promise to lock down the network to such a degree is going to need ongoing access to ensure compliance with these new policies. Can he trust the consultant?

IT must be above suspicion or be subject to audit and review. In a little shop, it just comes down to trust.

LVL 32

Assisted Solution

aleghart earned 999 total points
ID: 36527214
I hate saying 'me too'...but Jacobfw is on the money.

The head of IT in a small company can see everything.  If it's locked down...the master admin is the person who would lock it down _and_ open it up again.

Even in a "no admin access" situation like contracted storage, the admins supposedly have no direct-access to bit-level storage, thus there are no files to see. But, they could gain access to web page logins, thus giving the files up while logged in as the original user.

Access need be logged and monitored and audited.  You can see simultaneous logins or logins from disparate locations (20 miles but only two minutes apart).  In a small business there isn't that level of monitoring (generally).

A partial solution is 100% monitoring of all workstations with a product like Spector360.  But, again, the master admin is the person with rights to exclude workstations or time periods, or could attach a personal computer that is not monitored.

Exchange's Outlook Web Access (OWA) makes it incredibly easy to log in as another user on the fly, read message traffic, then logout again.  This makes email snooping easy from any location that has web access to the mail server.

At the very least, even if access is "allowed", the admin's job is discretion.  Maybe I know that the IRS is setting up an audit next week.  I wouldn't talk about it.  Maybe I know that XYZ is getting a divorce or has a wage garnishment...I wouldn't blindside a co-worker with advice or's out of line.

Even a congratulations to a buddy for a pay-raise...because you saw some HR traffic or files...would be grounds for reprimand or dismissal in some larger organizations.

People _do_ snoop.  That's why there are controls and expectations.  Obviously, with an admin, controls are a problem. Expectations should be made clear.  Has the CEO ever made the expectations of privacy clear?  The old-school 'god complex' can still be found with some admins.  If the person was hired with no guidelines, he/she would naturally adopt established patterns of behavior.

You can't take away the privileges without hiring another admin or consultant with more privileges and experience in counter-snooping (if that's a technical term). Now you have another heap of problems to deal with. Dueling admins could be destructive.
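
The login audit described in the answer above (simultaneous logins, and logins too far apart for the time between them), sketched as an added example that is not part of the original thread. The session tuples, coordinates and the 100 mph threshold are constructed assumptions, and it presumes the logs already carry a location for each login.

```python
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

FMT = "%Y-%m-%d %H:%M"

# Constructed sample sessions: (account, login, logout, latitude, longitude)
SESSIONS = [
    ("ceo",   "2011-09-12 09:00", "2011-09-12 09:30", 34.0522, -118.2437),
    ("ceo",   "2011-09-12 09:32", "2011-09-12 09:40", 34.0195, -118.4912),  # ~14 mi away, 2 min later
    ("ceo",   "2011-09-12 14:00", "2011-09-12 15:00", 34.0522, -118.2437),
    ("ceo",   "2011-09-12 14:10", "2011-09-12 14:20", 34.0522, -118.2437),  # overlaps the 14:00 session
    ("clerk", "2011-09-12 08:00", "2011-09-12 12:00", 34.0522, -118.2437),
    ("clerk", "2011-09-12 13:00", "2011-09-12 17:00", 34.1478, -118.1445),  # ~9 mi away, 1 h later
]

def miles_between(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in miles."""
    lat1, lon1, lat2, lon2 = map(radians, (lat1, lon1, lat2, lon2))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 3958.8 * asin(sqrt(h))

def audit_sessions(sessions, max_mph=100):
    """Return (account, finding, login time) for each suspicious session."""
    by_account = {}
    for acct, login, logout, lat, lon in sessions:
        row = (datetime.strptime(login, FMT), datetime.strptime(logout, FMT), lat, lon)
        by_account.setdefault(acct, []).append(row)
    findings = []
    for acct, rows in by_account.items():
        rows.sort()  # order each account's sessions by login time
        for prev, cur in zip(rows, rows[1:]):
            # Time between the previous session ending and this one starting.
            gap_hours = (cur[0] - prev[1]).total_seconds() / 3600
            dist = miles_between(prev[2], prev[3], cur[2], cur[3])
            if gap_hours < 0:
                # New login while the earlier session was still open.
                findings.append((acct, "concurrent_login", cur[0].strftime(FMT)))
            elif dist > max_mph * gap_hours:
                # Distance could not be covered in the gap at max_mph.
                findings.append((acct, "impossible_travel", cur[0].strftime(FMT)))
    return findings

if __name__ == "__main__":
    for acct, finding, when in audit_sessions(SESSIONS):
        print(f"{when} {acct}: {finding}")
```

The findings are only as trustworthy as the log store, so the records need to live somewhere the audited admin cannot edit or exclude entries.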
LVL 32

Assisted Solution

aleghart earned 999 total points
ID: 36527224
"....unless you manage all aspects of Exchange by yourself, you are going to have to delegate some administrative tasks and therefore trust those responsible for these tasks...."

From this page on expanding the Exchange server monitor to log more than just the last login.


Author Closing Comment

ID: 36530577
Not exactly as asked, but can't fault the logic.
