There are some instances where denial of direct access to data is a
governmental requirement.
Example: The US government has (for better or worse) enacted the
Healthcare Insurance Portability and Accountability Act because of a
number of egregious violations of privacy by drug companies and other
interested parties (read personal injury lawyers) who profited by data
mining health records. Unfortunately, unscrupulous sysops and records
admins were among those who were party to passing private healthcare
data along to unauthorized third parties. Under HIPAA, a patient must
give express access permission to a sysop at a healthcare organization
for their personal information, otherwise that data is handled in
encrypted blocks that cannot be accessed by those without proper
authority.
In practice, a system admin often has access to information that would
enable them access to patient information, but the monitoring of these
systems and the incredibly stiff penalties (IIRC $11,000 or more per
incident) act as a check on the curious.
-J
Mark Haney wrote:
hike wrote:
No, it is not wise.
It is unethical for sysadmins to access this data without a specific reason
and approval.
If you cannot trust your sysadmins to act in an ethical fashion, YOU have
screwed up big-time.
YOU hire trustworthy people.
YOU train trustworthy people.
Locking-down SELinux does not stop unethical sysadmins.
It will just take a little longer to breach your ill-advised & INSULTING
security.
Once the unethical sysadmin that YOU hired breaks in, she will be (rightly)
pissed and really screw things up.
If you don't trust YOUR sysadmins, either quit (the preferred solution) or
fire the sysadmins.
Doesn't anybody think it is essential to hire TRUSTWORTHY people any more?
Doesn't ANY employer think it is essential to RESPECT their employee any
more?
These are two reasons that businesses in the U.S.A. suck big time!
I have to say, I certainly do agree with you. I was thinking the
exact same thing, but didn't want to turn this thread into a flame
war. Personally, it's a lack of respect on both sides that causes
trouble. Not respecting and trusting your admins leads to them acting
like children.
Remember being told, as a kid, 'don't do this' (whatever it was) and
the one and only thought on your mind is 'I HAVE to do that'? Every
child gets that way. Not trusting your admins gets the same
result. (IMHO)
I don't think we need to make this a long, drawn out thread on ethics,
I only asked if that was wise simply because I think it's not and
wanted to hear what others say.