If you tell enough stories, perhaps the moral will show up.

2010-04-10

Organisational Truth Lies in the Email Distribution Lists

Now this is a really good idea.

"All data access should be approved by the data owner."
That sounds so reasonable, and it's easy for the auditor to say. But it's absolute murder in practice:

Most access is routine and follows from who you work for. Requiring an approval for this sort of access diverts effort and attention and provides no real control: if the facts are right, the access is approved without a thought.

I've been messing around with the idea that the official org chart from HR is a suitable proxy for this sort of approval. Essentially, I'm claiming that if the reporting line is on the chart then the manager can't decline, and won't even be asked to decline, access to his own team's area. The same would go for project managers: if you're on the team, you're in the folder.

Now that's an OK sort of plan, except for one detail: the org chart is wrong most or all of the time. Lots of temps are missing, and there are important reporting lines that never get onto paper. To be fair, the people who manage it never intended it to be a moment-to-moment authority, but that, unfortunately, is what I want.

I could actually live with that looseness: "good enough" is a lot better than most people's practice, and I think it would do. But we can do a little better, thanks to Kate.

This afternoon I was tidying some permissions, and I ran into trouble because the team group was wrong. And Kate, bless her white pate, told me to populate the group from the team mail list.

I can do something with this!

Because the one thing that managers and their PAs care about is that the team or project distribution list is right. It gets updated when the structure changes, and everyone is on it. If you work for two bosses you'll be on both lists. And, crucially, with Exchange a distribution list can appear in access control: underneath it is an Active Directory group, and once it is marked "security-enabled" (in AD terms, a mail-enabled security group rather than a distribution group) the same object that receives the mail can be named in a folder ACL.

Do you see where I'm going? The distribution list structure, with its nesting, is a true org chart, kept up to date by people who care and who understand what it means. That means it can be used for all your "because he works for me" approvals, without the constant stream of "oh, that changed" errors.
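The mechanics of the scheme, as an added example that is not from the original post. It takes a distribution list, security-enables it and every list nested inside it, grants the group on the team folder, and then checks that the list is the only thing on the ACL. It assumes the RSAT ActiveDirectory module; the list name `Team-Widgets`, the share path and the domain are invented.

```powershell
# Added example, not code from the original post. It assumes the RSAT
# ActiveDirectory module and uses invented names: a team list 'Team-Widgets'
# and a share '\\fileserver\teams\widgets'.
Import-Module ActiveDirectory

function ConvertTo-SecurityEnabledList {
    param(
        [Parameter(Mandatory)] [string] $Identity,
        [System.Collections.Generic.HashSet[string]] $Seen =
            (New-Object 'System.Collections.Generic.HashSet[string]')
    )
    # Walk the list and every list nested inside it. Nesting only carries
    # access if every level is a security group: a distribution group is
    # never placed in a logon token, so a Security parent over a Distribution
    # child silently leaves the child's members out of the ACL.
    $group = Get-ADGroup -Identity $Identity -Properties mail, member
    if (-not $Seen.Add($group.DistinguishedName)) { return }   # loop guard

    if ($group.GroupCategory -ne 'Security') {
        Set-ADGroup -Identity $group -GroupCategory Security
        Write-Host "Security-enabled $($group.Name) <$($group.mail)>"
    }

    foreach ($dn in $group.member) {
        # Read the member attribute directly rather than Get-ADGroupMember,
        # which can fail on contacts and cross-forest principals.
        $m = Get-ADObject -Identity $dn -Properties objectClass, mail
        switch ($m.ObjectClass) {
            'group'   { ConvertTo-SecurityEnabledList -Identity $dn -Seen $Seen }
            'contact' {
                # Mail contacts (external addresses) sit happily on a mail list
                # but have no SID to put in an ACL. Report them so nobody
                # assumes "on the list" and "has access" are the same set.
                Write-Warning "$($m.Name) <$($m.mail)> gets the mail but not the folder"
            }
            default   { }   # users, computers and FSPs carry a SID; nothing to do
        }
    }
}

function Grant-TeamFolderAccess {
    param(
        [Parameter(Mandatory)] [string] $GroupName,
        [Parameter(Mandatory)] [string] $Path
    )
    # With the list now a security group, the object that receives the team
    # mail is the object named in the folder ACL. Membership edits made by
    # the manager's PA reach the share with no permissions ticket in between.
    $acl  = Get-Acl -Path $Path
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        "$env:USERDOMAIN\$GroupName", 'Modify',
        'ContainerInherit,ObjectInherit', 'None', 'Allow')
    $acl.AddAccessRule($rule)
    Set-Acl -Path $Path -AclObject $acl
}

function Test-ListMatchesAcl {
    param(
        [Parameter(Mandatory)] [string] $GroupName,
        [Parameter(Mandatory)] [string] $Path
    )
    # The check an auditor will ask for afterwards: is the list the thing
    # that holds the permission, with no stray user or legacy group granted
    # alongside it? Returns the explicit identities that are not the list.
    (Get-Acl -Path $Path).Access |
        Where-Object { -not $_.IsInherited -and
                       $_.IdentityReference.Value -notlike "*\$GroupName" } |
        ForEach-Object { $_.IdentityReference.Value }
}

ConvertTo-SecurityEnabledList -Identity 'Team-Widgets'
Grant-TeamFolderAccess -GroupName 'Team-Widgets' -Path '\\fileserver\teams\widgets'
Test-ListMatchesAcl    -GroupName 'Team-Widgets' -Path '\\fileserver\teams\widgets'
```

One check worth doing before flipping a list: whoever can edit the list membership is now the access approver, so look at the group's owner (`ManagedBy`) and at the Exchange join setting (`Get-DistributionGroup` reports it as `MemberJoinRestriction`); a list that anyone can join becomes a folder that anyone can join.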

Finally!
