QOTD - Weatherford on Deprovisioning

De-provisioning users is one of the most important things an organization can do yet it continues to be one of those things people simply don't think is important enough...until they become a victim. -- Mark Weatherford, CISO for the State of California.
Src: SANS NewsBites Vol 11 Num 63

1 comment:

Michael Janke said...

I've been bitten by that, usually by bringing up a new server/service using an IP address that was used for something else a year ago. If the firewall rules from the old service are still around, you've got a chance of breaking your security model.

http://lastinfirstout.blogspot.com/2008/05/service-deprovisioning-as-security.html

--Mike