[EdLUG] [Baen Baen's Bar] Fwd: Re: Fwd: Cybersecurity
Edinburgh Linux Users Group
edlug at lists.edlug.org.uk
Wed Feb 20 17:26:00 UTC 2019
I'd rather differ...
The first thing to ask them would be what their concerns are.
>
Whose concerns, the board of directors or the sys admin? :-) In this case
it sounds like the board of directors (or their own stakeholders) have
established the need to bring in an external auditor. If the machines are
owned by the organisation, or holding the organisation's data, it's often
above an admin's prerogative to push back on a request initiated by the
organisation's upper management - hence separating the work machines from
the personal ones to alleviate the sys admin's concerns...!
> I suspect that they just need to make sure that they comply with GDPR, and
> to know that their business systems are protected from public access.
>
My take is, that's a compliance audit, not a security audit. All good
questions mentioned, but they come before, and are separate from, a
security audit.
In any case, it seems like the audit happened long before the mails were
even forwarded on, so I'm not sure what was wanted as feedback....? :-)
-- Tai
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.edlug.org.uk/pipermail/edlug/attachments/20190220/ebd8f26c/attachment-0001.html>
More information about the EdLUG
mailing list