Internal "White Hat" security team

We are looking at starting an internal "white hat" security team made up of some of our tech savvy employees.  These users would, from time to time, try to access folders they shouldn't have access to, try to make themselves domain admins, try to change other users' passwords, etc.  This would be in addition to their primary duties.  Does anyone know of something like this being done?  I know outside firms are available to do security testing, but it might be advantageous to have our own team.  Thanks for any feedback!
chiefsman (Systems Administrator) asked:
"Does anyone know of something like this being done?" - sure, why not. As long as those people try those "attacks" (if any) on test networks first, go ahead.
What do you want to know in particular?
I would make damned sure those employees are legit. All you need is for one of them to find an exploit and not tell you about it.
chiefsman (Systems Administrator, author) commented:
We just want to make sure our network stays as secure as possible and was curious if anyone else did this.  Thanks!
But what if anyone else does this, do you feel supported in doing this?
It surely depends on how you let them do this. If they run tools and they don't know how those work, they might disrupt working.
chiefsman (Systems Administrator, author) commented:
Yeah, we have a lot of questions.  We were just seeing if anyone else is doing this so we could get some tips on how they are doing it and if it has been successful.
Thing is: what expertise would they need to find more than the admin? A lot. Unless the admin has failed to do his job properly, they will maybe find nothing at all. I'd vote for having your network pentested/audited by professionals.

btan (Exec Consultant) commented:
You can still have an internal security team set up to do such review and security acceptance, but most of the time the objective is to ensure an independent assessment is done rather than having the same admin team do it. Who guards the guards? The competency and certification of the party varies, and compliance needs may not necessarily allow an internal team unless strong justification is provided. There are penetration testing standards publicly available to kickstart. Note that review should not be audit unless that is the intent. Audit requires an independent party, so an internal team is mostly not engaged, though it helps in preparing the internals.