When an employee or contractor leaves the company, it’s best practice to immediately disable their access to company resources.
In the digital and online world, it’s easy to miss some forms of access, and remember off-hand every single system where the employee’s access should be revoked.
The level of risk increases when the employee separation occurs involuntarily, which might create a situation where the former employee is disgruntled, and increases exponentially if the employee has administrative privileges to sensitive systems.
In this article, I will attempt to outline best practices for a policies and processes around identity and access management, enumerate specific forms of access, many of which might be overlooked, and share some anecdotes resulting from the failure to properly revoke a terminated employee’s privileges.
“Serious flaw found in Internet Explorer”. That’s like saying, “garbage found in the dumpster”. Although I don’t disagree that the flaw is serious, I DO question the utility and value of using Internet Explorer, as well as the ongoing expectation that IE is useful for anything other than downloading a competent browser.
I was working on a project that required simple arithmetic for very large integers, a set of algorithms called “Arbitrary Precision Math”.
Thinking back to elementary school, simple algorithms exist for addition, subtraction, and multiplication of two numbers with any number of digits.
To my surprise, every algorithm for division either relies on logarithms, which are difficult to implement in arbitrary precision, or the first instruction was “guess the first number, then guess the second number” etc…
Update: 10/2015: I’ve put together a YouTube video for this post. Check it out, here:
Read on, for a simple, reliable, repeatable algorithm for dividing integers of any length.
Denial of Service (DoS) attacks took down both Sony’s Playstation Network (PSN) and Microsoft’s XBox Live (XBL) on Christmas day – turning the joy of Christmas in to frustration and disappointment for anyone who received a new game for Christmas. As of 12/26, XBox was largely restored, while Playstation was still at least partially offline, with PS3 access intermittent at best, the Playstation Network website “unavailable due to scheduled maintenance”, and PS4 access completely unavailable.
Knowing in advance that threats had been made of a DoS attack on Christmas day, both companies had plenty of time to prepare, yet they either chose to ignore the threats or take insufficient precautions, leaving their staff scrambling, and their customers frustrated.
Here is a simple method that could have been used to prevent the whole fiasco.