The User vs. the Security Admin; who's right?

The scenario goes like this:
- the user needs access and seeks an Admin resolution
- the setup works, but sometimes things fail
- the user finds a circumvention to the failure
- and suddenly, everyone knows the circumvention
- and the admin goes berserk

As Pogo once said, "we have met the enemy and he is us." You really can't blame the users (too much), as they have work to get done and schedules to meet. That haste, however, can easily compromise the whole infrastructure.
Trouble Ticket
* At issue: Users are bringing in personal devices like iPads and connecting to the network.
* Action plan: Find out how this became possible, and make the necessary changes to prevent it.

I (the Admin) can't vouch for the integrity of any device that a user brings in. In many cases, these are machines that an employee's kids have used to play games, chat on Facebook and download who knows what. Since they aren't corporate resources, we have no control over what software, antivirus protection or security patches are installed. And then there are legal issues to consider, since we can't control a personal asset.
So now I have a new task at hand that will more than likely cause me a lot of grief: to pull back the current certificates, re-architect and reissue nonexportable certificates, and restrict them to the guest wireless access.
The gory details are available in the original Computerworld article here.
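The plan above hinges on one property of the issued certificates: whether their private keys can be exported and copied onto a personal device. Before pulling certificates back, an admin wants an inventory of what is already out there. The script below is an added example, not code from the Computerworld article or its author; it assumes Windows PowerShell 5.1 (or later) with the `Cert:` drive, and the store path and the `Get-ExportableKeyReport` function name are my own choices.

```powershell
# Added example: report which certificates in a Windows certificate store have an
# exportable private key. Store path is an assumption; adjust for your environment.
function Get-ExportableKeyReport {
    param([string]$StorePath = 'Cert:\CurrentUser\My')

    Get-ChildItem -Path $StorePath | Where-Object { $_.HasPrivateKey } | ForEach-Object {
        $cert = $_
        $exportable = 'Unknown'
        try {
            # GetRSAPrivateKey returns RSACryptoServiceProvider for legacy CSP keys
            # and RSACng for CNG keys; each exposes the export flag differently.
            $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
            if ($rsa -is [System.Security.Cryptography.RSACryptoServiceProvider]) {
                $exportable = if ($rsa.CspKeyContainerInfo.Exportable) { 'Yes' } else { 'No' }
            } elseif ($rsa -is [System.Security.Cryptography.RSACng]) {
                $allow = [System.Security.Cryptography.CngExportPolicies]::AllowExport
                $exportable = if (($rsa.Key.ExportPolicy -band $allow) -ne 0) { 'Yes' } else { 'No' }
            }
        } catch {
            # Non-RSA, hardware-backed or inaccessible keys stay 'Unknown' rather than
            # being silently reported as safe.
        }

        [PSCustomObject]@{
            Subject    = $cert.Subject
            Issuer     = $cert.Issuer
            Thumbprint = $cert.Thumbprint
            NotAfter   = $cert.NotAfter
            Exportable = $exportable
        }
    }
}

# Usage: run in the context of the user whose wireless certificate is being checked;
# for machine certificates use -StorePath 'Cert:\LocalMachine\My' from an elevated session.
Get-ExportableKeyReport | Sort-Object Exportable -Descending | Format-Table -AutoSize
```

Two caveats follow from how the script works. It only reports what is still in a store, so a key that has already been exported to a personal device will not show up here; that is why the article's plan revokes the existing certificates rather than just auditing them. And marking the key non-exportable on the issuing template only affects certificates enrolled after the change, so the reissue step is what actually closes the gap.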