Mark, We
opted not to take away rights from the Administrators and turned on auditing
for areas where sensitive data is stored. We have been kicking around
turning on the file system encryption. We have had to comply with Grahm-Leech-Blyley
(GLB) and a Thanks, From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Creamer, Mark I’m curious what, if any, changes to everyday administration
the folks on this list are making in preparation for Sarbannes Oxley
compliance. Specifically, is anyone making a conscious effort to remove daily
admin rights from people whose job it is to do domain administration, in favor
of a “break the glass when needed” type of philosophy? I’m
just starting to look into this, but I’m getting the feeling some
companies are going overboard. Any observation from the group is always
welcome… Mark
Creamer |
- [ActiveDir] Sarbannes Oxley compliance Creamer, Mark
- RE: [ActiveDir] Sarbannes Oxley compliance Raymond McClinnis
- RE: [ActiveDir] Sarbannes Oxley compliance joe
- Re: [ActiveDir] Sarbannes Oxley compliance [EMAIL PROTECTED]
- RE: [ActiveDir] Sarbannes Oxley compliance Fugleberg, David A
- Re: [ActiveDir] Sarbannes Oxley compliance Brent Westmoreland
- RE: [ActiveDir] Sarbannes Oxley compliance Mulnick, Al
- RE: [ActiveDir] Sarbannes Oxley compliance Menten, Jeff
- RE: [ActiveDir] Sarbannes Oxley compliance Sunil Gupta
- RE: [ActiveDir] Sarbannes Oxley compliance Justin_Leney