News
Blogs
Shark Bait
Knowledge Centers
Opinion
Webcasts
Video
Podcasts
IT Careers
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
Industry
This Week in Print
Print Subscriptions


Ads by TechWords

See your link here


Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
Sharky's picture
Sharky

Shark Tank

More posts | Read bio

March 4, 2008 - 10:45 A.M.

You can trust us, we're from IT

45 comments

This pilot fish is meeting with the local sheriff, discussing IT security and personnel records. 

"The sheriff presented his new program to streamline the application process in becoming a deputy, and its integration with the National Crime Information Center and FBI databases for background checking," says fish. "Very important and very sensitive information."

How is the information secured? fish asks sheriff.

"It's on the F: drive," sheriff says. "The F: drive has all the super-secure information -- gangs, undercover operations, etc."

Who has access to the F: drive? asks fish.

"Only the gang operatives, undercover ops, background investigation detectives and I have access to that sensitive data."

How about the IT staff?

"Yes, of course."

Are the IT staff sworn officers, and were they background checked?

Reports fish, "The sheriff went bright red. 'No' was the whimpered response."

Send Sharky your true tale of IT life at sharky@computerworld.com and I won't tell -- but I'll send you a stylish Shark shirt if I use it. Add your comments below, and read some great old tales in the Sharkives.
Now you can post your own stories of IT ridiculousness at Shark Bait. Join today and vent your IT frustrations to people who've been there, done that.

What People Are Saying

Add new comment

Another side of that coin

Submitted by Anomalous on March 5, 2008 - 3:08 A.M.

For years the other DBAs and I struggled with the HR manager responsible for security on their SAP systems. She had no trust whatsoever of IT people, although, of course, HR people had free access to all the ultra-sensitive information. It was easier for her, in her ignorance, to keep us out of transactions we needed in order to manage those systems effectively than to figure out what she was doing. So, we were constantly explaining the access we needed for specific tasks, she would give it to us for the few minutes necessary, then she would revoke it. All in the interest of protecting the data. The funny part was that we had free access to the data at the Oracle level. No, I'm not saying we (ab)used that access, only that we had it. And there was nothing she could do about it. Sometimes ignorance is a good thing.

Reply | Report this comment

blog dynamics

Submitted by bear in a box on March 4, 2008 - 11:47 P.M.

"jim, wer r u?"

it used to be fun
but now is none.

is fluffy the new face of evil?

Reply | Report this comment

JIM had nothing for this

Submitted by JIM's creator on March 5, 2008 - 9:02 A.M.

JIM had nothing for this one.

Reply | Report this comment

Security

Submitted by Johnh on March 4, 2008 - 3:44 P.M.

After being in IT for more years than most people alive, my agency several years ago contracted with Sheriff's office to maintain their IT dept. This was after a incident where it was discovered that the previous sheriff had hired a Russian civilion to program and maintain their network.
Myself and my staff had to go through extensive background checks and take poligraphs.
We passed but found it difficult finding new hires to pass the tests for new positions.
IT controls all access to servers, files etc. Also needs to know enough about NCIC FCIC regulations to solve problems

Reply | Report this comment

Why do they need access.

Submitted by Anonymous on March 4, 2008 - 12:42 P.M.

Why does the IT staff need access to the 'F' drive ? You give access as needed. I hope they can do their job without access to everything.

Reply | Report this comment

Why do they need access

Submitted by Anonymous on March 4, 2008 - 3:49 P.M.

I work for the local sheriff as a civilian IT person. You don't need to be a sworn officer to have access to the data. I am certified by the state to access this information.

Reply | Report this comment

Access is mandatory; sorry.

Submitted by DaveInCC on March 4, 2008 - 1:25 P.M.

IT has to be able to access it. Based on the type of data noted you must have a data recovery scheme with some type of backup. Therefore at least one IT account must have the ability to see the data and structure to back it up. Any IT person involved in the backup then has access.

Also in the real world police come and go on a regular basis in these assignments. Someone with the appropriate skill has to add the new people on the detail to the drive security.

In a police agency the demand is for access setups NOW; so only a person with dedicated knowledge can setup and troubleshoot problems on demand. That is rarely a sworn officer; usually the technical civilian.

Reply | Report this comment

You can still insist on proper clearance

Submitted by Anonymous on March 4, 2008 - 3:41 P.M.

Agree, but there is nothing to stop the department from requiring a background check (i.e. clearance) for ALL personnel who access that data including IT folks as well as police officers, clerks, etc.

Reply | Report this comment

Encryption?

Submitted by kangoid on March 4, 2008 - 1:33 P.M.

There could certainly be encryption or other secure/authorized data access methods to a DB that do not require actual ability to view data while still being able to perform backups, etc.

Yes, at some point, someone in IT may need to view the data to do some sort of troubleshooting. However, this could be limited to a single person during the specified period only to perform the required activity. In addition, this activity could be done in the presence of an actual deputy...

Reply | Report this comment

Required Access

Submitted by Anonymous on March 4, 2008 - 1:06 P.M.

Someone has to administer the system.

Remember ...

Root == GOD so use your powers sparingly.

Reply | Report this comment

Related Posts

Security and the cloudy cloud: A revolution for the infrastructure?
Starvation by virtual invisibility
More organizations relocating virtual objects for secure operations
Data destruction, Atari, and security ambivalence

Today's Top Stories

Context-aware mobility: What is it and how will it change the business world?
Vista Ultimate users fume, rant over Windows 7 deals
Elgan: The carrier coup must be stopped
DOJ officially opens investigation into Google Book Search
Judge temporarily dismisses MySpace cyberbully case
Mozilla slates first Firefox 3.5 patch
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.