An IT worker is accused of hacking his former employer—a Manhattan hospital. Bill Detwiler outlines fives ways IT can prevent similar incidents.
The New York Post reported Tuesday that a former IT worker from a Manhattan hospital was arrested last Friday and charged with computer trespass, unauthorized use of a computer, and fourth-degree computer tampering.
According to the article, Jason Wang "wreaked havoc with the computer system at North General Hospital in Harlem after he was fired by official there in September 2009..." The report doesn't specify what kind of "havoc" Wang is accused of wreaking, but it does indicate that authorities believe Wang used "a doctor's password and credentials to send a scathing e-mail to other hospital staffers, accusing Michele Prisco, North General's vice president and chief information officer, of being a racist."
Whether Wang is eventually convicted of these charges or not, the situation demonstrates the importance of strong internal IT security procedures.
In the October 10th, 2008 episode of TR Dojo, I discussed the following five security practices designed to prevent the situation outlined above:
- Follow the rule of least privilege
- Not all IT staff should be domain admins
- Monitor additions to admin-level groups
- Log all administrative activity
- Immediately revoke admin rights for terminated IT staff
For additional help developing strong internal, IT security procedures, check out the following TechRepublic resources:
- How do you keep your sys admins from stealing company secrets?
- 10 ways to reduce insider security risks
- Take security precautions when an employee leaves the organization
- Take steps to safeguard sensitive data
- Securing data from the threat within
- Track turnover in your organization with an employee separation checklist