IT administration: too little data security in medium-sized companies
In many medium-sized companies, not only the IT administrator has unrestricted access to all operational data, but also the IT-savvy trainee. If he later leaves the company, he often retains his access rights because nobody thinks about it, explains data security specialist Detlef Schmuck. The granular IT authorization systems that are common in large companies are often saved in medium-sized companies for cost reasons. In essence, each user is only granted those access rights to databases that are absolutely necessary for the respective workplace. "However, the management of individual access authorizations requires a lot of effort, especially since there is always a tendency on the user side to have more...