I recently listened to a demo done by a software vendor that was running a cloud based service. One of the questions that came up was around how the end user verifies that their data is safe. It wasn’t the question of being safe from hackers but rather the cloud vendor’s own admins. This started a huge internal debate on the VMware cloud team on how, when, and why you should audit your administrator’s activities.
There are probably several answers to this question and I would be really interested to get some comments on how people look over their admins (or don’t) in their own environments. My personal answer to this is if you don’t trust someone that has all the root passwords and a key card to your physical datacenter then you have much bigger issues at hand versus making sure they aren’t touching people’s data.
Still internal issues do pop up. I remember an incedent when I worked for the Department of Revenue in the state of Georgia many years ago. Turns out some of the people on the security team were running a “credit cleaning” business. For a certain sum they would log in and clean up your credit record since the state holds a lot of power to do so. Of course after several months of this they were escorted out of the building one day by the FBI. But how did these people get caught? It wasn’t anything too high tech. They simply got greedy, put out ads, and one of the ads turned up on the GBI (the state FBI) bulletin board. Funny how things work.
Like I said, there are many software packages on the market to audit everything that anyone does, but doesn’t someone also maintain those software packages? Isn’t it usually the same people that have admin access to other systems like the security team? How do you stop something at the very top?
Needless to say this is something my team will be thinking about and building into the cloud architectures that we build. Just thought I’d bring it up and start a conversation to see what other people think can be done for this issue.