Veritas-bu

[Veritas-bu] Trying to Satisfy the Auditors

2004-02-05 16:56:18
Subject: [Veritas-bu] Trying to Satisfy the Auditors
From: dfdwyer AT tecoenergy DOT com (Dennis Dwyer)
Date: Thu, 05 Feb 2004 16:56:18 -0500
This is a MIME message. If you are reading this text, you may want to 
consider changing to a mail reader or gateway that understands how to 
properly handle MIME multipart messages.

----=_NextPart_ST_16_56_32_Thursday_February_05_2004_13924
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Has anyone on the list ever had a need to do this and if so, how did you
accomplish it?

Environment:
NBU 4.5GA
Master/Media/Media all running Solaris 8

The Help Desk is authorized to do restores of individual files as
requested by users. Usually they restore over the existing file by
checking the box. Based on a recent audit, I am being asked to NOT allow
the Help Desk restores to overwrite the existing file, making the
assumption they have no way of knowing that the requestor is who they
say they are over the phone.

Are you with me so far?

What auditing would rather have is for the user to rename or delete the
file they're trying to restore which, according to auditing, implies
that if they have the permissions to rename or delete, they are
authorized to ask for the restore. If they can't rename or delete the
existing file, the restore request is not honored by the Help Desk.

What I need to know is if there is a way to make the checkbox for
overwriting a file inaccessible by certain groups? If not, what other
options have been employed to accomplish this. The last alternative,
although goofy in my opinion, is to put a written policy in place that
says "Never, Never, Never Check the Overwrite Box"

As usual, any and all input would be greatly appreciated.
(Can you believe I actually have to ask this?)

Dennis F. Dwyer
Manager, Systems Software
Tampa Electric Company

(813) 225-5181  - Voice
(813) 275-3599  - FAX

Visit our corporate website at www.tecoenergy.com

"Time is not a test of the truth"
Translation: Just because you've always done it that way, doesn't make
it right

----=_NextPart_ST_16_56_32_Thursday_February_05_2004_13924
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Description: HTML

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; charset=3Diso-8859-1"=
>
<META content=3D"MSHTML 6.00.2800.1400" name=3DGENERATOR></HEAD>
<BODY style=3D"MARGIN-TOP: 2px; FONT: 10pt Batang; MARGIN-LEFT: 2px">
<DIV>Has anyone on the list ever had a need to do this and if so, how did y=
ou=20
accomplish it?</DIV>
<DIV>&nbsp;</DIV>
<DIV>Environment:</DIV>
<DIV>NBU 4.5GA</DIV>
<DIV>Master/Media/Media all running Solaris 8</DIV>
<DIV>&nbsp;</DIV>
<DIV>The Help Desk is authorized to do restores of individual files as requ=
ested=20
by users. Usually they restore over the existing file by checking the box. =
Based=20
on a recent audit, I am being asked to NOT allow the Help Desk restores to 
overwrite the existing file, making the assumption they have no way of know=
ing=20
that the requestor is who they say they are over the phone.</DIV>
<DIV>&nbsp;</DIV>
<DIV>Are you with me so far?</DIV>
<DIV>&nbsp;</DIV>
<DIV>What auditing would rather have is for the user to rename or delete th=
e=20
file they're trying to restore which, according to auditing, implies that i=
f=20
they have the permissions to rename or delete, they are authorized to ask f=
or=20
the restore. If they can't rename or delete the existing file, the restore 
request is not honored by the Help Desk.</DIV>
<DIV>&nbsp;</DIV>
<DIV>What I need to know is if there is a way to make the checkbox for=20
overwriting a file inaccessible by certain groups? If not, what other optio=
ns=20
have been employed to accomplish this. The last alternative, although goofy=
 in=20
my opinion, is to put a written policy in place that says "Never, Never, Ne=
ver=20
Check the Overwrite Box"</DIV>
<DIV>&nbsp;</DIV>
<DIV>As usual, any and all input would be greatly appreciated.</DIV>
<DIV>(Can you believe I actually have to ask this?)</DIV>
<DIV>&nbsp;</DIV>
<DIV>Dennis F. Dwyer<BR>Manager, Systems Software<BR>Tampa Electric=20
Company</DIV>
<DIV>&nbsp;</DIV>
<DIV>(813) 225-5181&nbsp; - Voice<BR>(813) 275-3599&nbsp; - FAX</DIV>
<DIV>&nbsp;</DIV>
<DIV>Visit our corporate website at <A=20
href=3D"http://www.tecoenergy.com";>www.tecoenergy.com</A></DIV>
<DIV>&nbsp;</DIV>
<DIV>"Time is not a test of the truth"<BR>Translation: Just because you've 
always done it that way, doesn't make it right</DIV></BODY></HTML>

----=_NextPart_ST_16_56_32_Thursday_February_05_2004_13924--



<Prev in Thread] Current Thread [Next in Thread>
  • [Veritas-bu] Trying to Satisfy the Auditors, Dennis Dwyer <=