Who watches the watchers?
Many organizations depend upon content filtering and usage monitoring packages to enforce their acceptable use policies. These packages play two important roles: They deter unacceptable activity by providing users with the knowledge that their activity is being monitored. After all, not many people will intentionally violate a policy if they perceive a significant risk of being caught. They detect unacceptable activity when it does occur. These systems allow you to take appropriate administrative and technical action when a policy violation occurs. Take a moment to reflect upon the systems that you have in place in your current environment. Here’s the critical question for today – who analyzes the results using what criteria? The interpretation of system output is a critical (and possibly weak) link in the chain of acceptable use policy enforcement. If you don’t have appropriate controls in place you have a clear vulnerability that is ripe for exploitation. Full Story