As reported in Dark Reading, the recent indictment of a former TSA employee is continued proof that the need to control privileged users remains paramount.  The employee, Douglas James Duchack, was terminated and in the two weeks following his notice he allegedly put malware code on a database server in an intentional attempt to compromise the computer and database. 

The need to control privileged users and what they can (and cannot do) as well as monitor their activities is something all organizations should be aware of, and implementing solutions for. 

In addition, similar to the Fannie Mae incident, this security breach also underscores the need for close integration with identity provisioning and de-provisioning systems.  Why, given this privileged user's termination, was his privileged access still valid?  His rights should have been de-provisioned immediately upon his termination.

According to Liz Latt and Beth Fortune in Public Affairs, a professor's desktop computer, containing the names and social security numbers of 7,174 current and former students, was stolen some time Advanced Hide Attached Image: Show the attached image in the story Hide Sidebar Blocks: Show standard sidebar blocks and ads. read more DANVILLE – The Danville Community School Board focused on network security at a special meeting Friday evening, seeking to bolster security after an inappropriate video surfaced on the high school’s computer system. DANVILLE – The Danville Community School Board focused on network security at a special meeting Friday evening, seeking to bolster security after an inappropriate video surfaced on the high school’s computer system. DANVILLE – The Danville Community School Board focused on network security at a special meeting Friday evening, seeking to bolster security after an inappropriate video surfaced on the high school’s computer system.