Computerworld has an interesting article about the difference between trust and security. A county coroner gave out his logon information to a confidential police 911 system so that newspaper reporters wouldn’t bother him each time they needed information. This resulted in, for example, a drug informant being badly beaten up when his name was revealed.
The problem only came to light after one of the reporters complained that he didn’t have access to the site, but it could have been caught much earlier through better reporting on the site's logs:
“Eventually, an IT staffer checked Web site logs and discovered that the site was accessed more than 50 times in two weeks from computers at a newspaper office.”
Of all the departments in the organization, IT should be able to implement retrospective network security analysis relatively easily: the tools typically already exist, it would only require a single user license, the expertise is already there, and so on.
So do organizations do this? If not, why not?
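The check the IT staffer eventually ran by hand can be scheduled as a report. The following is an added example, not taken from the Computerworld article or the original post: it reads web-server access logs and lists accounts with successful requests from outside their expected networks during the last two weeks of the log. The Common Log Format, the account name, the paths, the addresses and the expected-network table are all assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import Counter
from datetime import datetime, timedelta

# Common Log Format: host ident authuser [time] "request" status bytes
CLF = re.compile(r'^(\S+) \S+ (\S+) \[([^\]]+)\] "[^"]*" (\d{3}) \S+')

# Assumption: per-account networks that logins are expected to come from.
EXPECTED = {"coroner": [ipaddress.ip_network("192.0.2.0/24")]}
# Constructed sample lines (documentation IP ranges, hypothetical account and paths).
SAMPLE_LOG = """\
198.51.100.7 - coroner [20/Feb/2024:21:40:13 +0000] "GET /incidents HTTP/1.1" 200 5090
192.0.2.10 - coroner [04/Mar/2024:09:12:01 +0000] "GET /incidents HTTP/1.1" 200 5120
198.51.100.7 - coroner [05/Mar/2024:21:40:13 +0000] "GET /incidents HTTP/1.1" 200 5090
198.51.100.7 - coroner [06/Mar/2024:22:01:55 +0000] "GET /incidents/4411 HTTP/1.1" 200 2210
198.51.100.9 - coroner [09/Mar/2024:07:30:02 +0000] "GET /incidents HTTP/1.1" 200 5101
198.51.100.7 - coroner [10/Mar/2024:23:15:40 +0000] "GET /incidents HTTP/1.1" 401 310
203.0.113.5 - - [10/Mar/2024:23:16:00 +0000] "GET /login HTTP/1.1" 200 900
not a log line
""".splitlines()


def parse(line):
    """Return (source_ip, user, timestamp) for a successful authenticated request, else None."""
    m = CLF.match(line)
    if not m or m.group(2) == "-" or not m.group(4).startswith("2"):
        return None
    try:
        ip = ipaddress.ip_address(m.group(1))
        when = datetime.strptime(m.group(3), "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    return ip, m.group(2), when


def off_network_access(lines, expected, days=14, threshold=3):
    """Count successful requests per (account, source IP) from outside the account's expected
    networks in the last `days` days of the log. Accounts without a baseline are skipped."""
    events = [e for e in map(parse, lines) if e and e[1] in expected]
    if not events:
        return []
    cutoff = max(when for _, _, when in events) - timedelta(days=days)
    hits = Counter(
        (user, str(ip))
        for ip, user, when in events
        if when >= cutoff and not any(ip in net for net in expected[user])
    )
    return [(u, ip, n) for (u, ip), n in hits.most_common() if n >= threshold]
```

Calling `off_network_access(SAMPLE_LOG, EXPECTED, threshold=2)` on the constructed sample reports the one off-network source that used the account repeatedly; the failed (401) request, the anonymous request and the malformed line are ignored.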