Combating Back Door Vulnerabilities in Data Center Procedures

摘要

Although IT professionals usually adhere to strict security guidelines with the complex development, implementation, and management aspects of their jobs, they sometimes drop their guard in relation to security with some of the more mundane job duties such as data center procedures. The challenge is that these procedures are generally unsophisticated to implement, yet can be very complex to secure. This article highlights the security weaknesses that can be created by such administrative procedures and outlines common sense management practices that can close such back door vulnerabilities. Eliminating back door vulnerabilities is becoming an important goal for the security program. Cyber-criminals have begun to target specific organizations for financial gain, and they are actively searching for ways to gain access to financial and personal information contained in corporate systems. Furthermore, governmental regulations such as Sarbanes-Oxley and HIPAA require that organizations establish strong internal controls to mitigate the risk of information theft.