View Single Post
  #7 (permalink)  
Old February 24, 2012, 07:36 PM
Astaroth's Avatar
Astaroth Astaroth is offline
Top Prospect
 
Join Date: Sep 2010
Posts: 163

My System Specs

Default

Quote:
Originally Posted by Ardric View Post
Even if you trust the RCMP and friends to only go after legitimate targets, and history would show that to be naive, there's still the matter of the underpaid low-level staffers at these orgs collecting and selling info out the back door. There's lots more money to be made in corporate espionage and blackmail than there is working a desk at gov't rates.
That's why good 'ole syslog exists. If you knew someone who had access to the ICBC database, you could pull up personal information from the person's license plate. People were being assaulted by those who obtained information from their insurance broker friends that had access to the database. So there's strict logging in effect for anyone that accesses records, and stiff penalties for people that don't exclusively access their clients records.

If the VPD can get in sh1t for looking at boobies during work, you don't think they can't view the logs of who is accessing what in their database? AAA protocol and strict network policy are all you need to maintain Confidentiality, Integrity, and Availability. Chief Information Security Officers ensure separation of duties so that not one single individual has complete control of any aspect of the network security scheme.
Reply With Quote