Hacking the Admin

  • Steve Jones - SSC Editor

    SSC Guru

    Points: 720484

    Comments posted to this topic are about the item Hacking the Admin

  • phegedusich

    Ten Centuries

    Points: 1365

    Steve, did hackers steal the end of your second paragraph? ;^)

    -edited because I haven’t had coffee yet

  • Steve Jones - SSC Editor

    SSC Guru

    Points: 720484

    Nope, that was all I wanted to say. I'll add in a few more words.

  • Chris Wooding

    SSCarpal Tunnel

    Points: 4344

    All our SQL data changes have to be made via a script. The script is written by the developer and peer reviewed before being executed by the Release team. Obviously the Release team could make other data changes using the same permissions. Data changes on our mainframe are made by writing a mini COBOL program to do the updates (which, again, is peer reviewed). There are only two people who can change data without running a program to do so and any time one of these unscripted changes is required, a senior manager logs them on and watches while they make the change. A screen-print is taken of the session, signed by both parties and filed away for the auditors to look at should the need arise.

  • Steve Jones - SSC Editor

    SSC Guru

    Points: 720484

    That's a good system, Chris Wooding. Not perfect, but likely it works well unless you have a rogue admin. I still like the idea of using a pipeline of sorts to deploy the scripts rather than letting anyone directly run them. Not sure many orgs will get here, but there are a few that have this in place. I wish MS made this easier.

  • Mr. Brian Gale

    SSC-Insane

    Points: 23075

    My opinion: no publicly facing messaging system should allow anyone except an account owner to post on their behalf. That is a HUGE privacy concern and could be career ending for some people. Can you imagine if someone went on there and started posting a bunch of negative things about your workplace under your account? Or started posting a lot of inaccurate information about what you specialize in under your account? Or goes on and posts racist or hateful things on there? The list goes on and on.

    It is incredibly scary to think that the admins on Twitter could selectively pick and choose people to post on their behalf and destroy someone's career.

    Hopefully this hack will make Twitter think twice about what they are capable of from their admin panels and work to reduce the appeal for hackers to get access to it.

  • Steve Jones - SSC Editor

    SSC Guru

    Points: 720484

    I'd agree with you, but how do you prevent someone that admins a database from making a change? Our platforms don't do a great job of preventing this. Something like Always Encrypted, where the client has a key to sign a tweet is good, but trying to ensure clients don't lose certificates/keys is a hassle.

    This isn't "posting" necessarily, but database access for DML.

  • Eric M Russell

    SSC Guru

    Points: 125096

    Inserting, updating, or deleting rows in a table shouldn't be a routine function of a database sysadmin. So, perhaps the all-powerful SYSADMIN role itself should be deprecated or DML permission excluded by default, and only service accounts granted datareader and datawriter. If someone attempts to log in using one of these accounts, perhaps three-factor authentication can send a verification phone call or text message to both the DBA and a trusted third party like the director of database operations or information security, meaning that two people need to approve the login request.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
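One way to lay this out in T-SQL, as an added example that is not from any poster in this thread: a service account holds the only routine DML rights, the DBA gets a custom server role instead of sysadmin plus an explicit DENY on DML, and a server audit records any direct row change so an "unscripted" edit like the ones Chris describes leaves a trail. Logins, the Sales database and the audit path are assumed placeholders.

```sql
-- Added example, not the thread's code. CORP\AppSvc, CORP\OpsDba, Sales and
-- D:\Audit\ are assumed placeholders; adjust to your environment.
USE master;
GO
-- 1. Service account: the only principal that will hold routine DML rights.
CREATE LOGIN [CORP\AppSvc] FROM WINDOWS;
-- 2. DBA login: deliberately NOT a member of sysadmin. DENY below would be
--    ignored for sysadmin and db_owner members, so keeping the DBA out of
--    those roles is what makes the rest of this work.
CREATE LOGIN [CORP\OpsDba] FROM WINDOWS;
GO
-- Custom server role with the operational permissions a DBA needs day to day,
-- without the blanket rights that sysadmin carries.
CREATE SERVER ROLE OpsDbaRole;
GRANT ALTER ANY DATABASE, VIEW SERVER STATE, VIEW ANY DEFINITION,
      ALTER ANY LOGIN TO OpsDbaRole;
ALTER SERVER ROLE OpsDbaRole ADD MEMBER [CORP\OpsDba];
GO
USE Sales;
GO
-- Service account: datareader + datawriter only, as Eric suggests.
CREATE USER [CORP\AppSvc] FOR LOGIN [CORP\AppSvc];
ALTER ROLE db_datareader ADD MEMBER [CORP\AppSvc];
ALTER ROLE db_datawriter ADD MEMBER [CORP\AppSvc];
-- DBA: schema changes and backups are fine; direct row changes are denied.
-- DENY takes precedence over any GRANT this user later picks up via a role.
CREATE USER [CORP\OpsDba] FOR LOGIN [CORP\OpsDba];
ALTER ROLE db_ddladmin ADD MEMBER [CORP\OpsDba];
ALTER ROLE db_backupoperator ADD MEMBER [CORP\OpsDba];
DENY INSERT, UPDATE, DELETE ON SCHEMA::dbo TO [CORP\OpsDba];
GO
-- Server audit: every INSERT/UPDATE/DELETE against dbo is written to disk,
-- so an out-of-band change is recorded even if the DENY is ever lifted.
USE master;
GO
CREATE SERVER AUDIT DmlAudit TO FILE (FILEPATH = 'D:\Audit\');
ALTER SERVER AUDIT DmlAudit WITH (STATE = ON);
GO
USE Sales;
GO
CREATE DATABASE AUDIT SPECIFICATION DmlOnSales
FOR SERVER AUDIT DmlAudit
ADD (INSERT, UPDATE, DELETE ON SCHEMA::dbo BY public)
WITH (STATE = ON);
GO
```

The DENY only constrains principals outside sysadmin and db_owner, so the control is as strong as your discipline about who lands in those roles; the audit is what gives you evidence when someone does.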
