I haven’t posted in a couple of weeks. But this little incident was enough to jump in the saddle real quick. I am working on a couple of other posts which will appear soon.
This incident ongoing in San Francisco is an excellent example for employing "checks and balances." There should never be a situation where one person holds the only set of keys to the data. Never. What should happen then?
Well, every company is going to have one or two "trusted" people. I may be going out on a limb here. At least the owner or executive in charge should fit that category. At any rate, the "trusted" person should set an enterprise level password. Then they should write down the password, seal it in an envelope and stash it in a safe deposit box. Wait, you’re not done. The enterprise level account should then be used to create sub-accounts for those entrusted to do system admin work. That way, if one of them does something they shouldn’t, like locking out everyone’s access, the enterprise level admin can still get in.
Of course, there is no real 100% solution to ensuring this type of event doesn’t happen. Heck, the executive in charge could decide they’ve had enough and lock down the systems. Somewhere along the line a human being has to be trusted to do the right thing.
Maybe then, they could have the real keys to the city.