I worked for a now defunct company that had a solution ahead of its time, which would mitigate the insider threat on a network. It did this by issuing a ‘key’ to every machine that had access to the network.

Guests had no key, and by extension, and policy, had little access to network resources. No key = no locks get opened and in many cases as an ancillary function, you couldn’t even see the door. It was akin to walking into a hotel and the lobby was the door to your room.

You knew there were hundreds of other rooms in the hotel, you couldn’t even see them, let alone try your key in any other door. Five years ago, people thought it was ‘cool’ technology, but there hadn’t been enough damage, and enough quantifiable damage to implement it.

The point was that the threats are from insiders, and anything you can do to limit their access on a network is the right thing to do.

We did not focus on the physical security piece, but as you point out – insiders have access to more than we think about in our buildings and on our networks.

My fear is that it will take something catastrophic to happen, and those of us in the IT world will continue to be reactive vs proactive and adding true value to the organizations we are tasked with supporting. Great suggestions/best practices. They are simple, executeable, and effective.

I am never a fan of govt oversight and over regulation, but I am also a fan of best practices and minimum standards, of which we have serious shortfalls in the US telecom infrastructure.

Thanks for the comment!

“The situation is worse than it seems. The situation will deteriorate”.

from “Taking Charge”, John O. Whitney.