Abstract:
In today’s business environment it is difficult to obtain senior management approval for the expenditure of valuable resources to “guarantee” that a potentially disastrous event will not occur that could affect the ultimate survivability of the organization. The total information network flexibility achieved depends to a great extent on how network security is implemented. However, this implementation depends on the
network designers at the initial stage and the network administrators in the long term. Initial security level designed can be later changed, improved or compromised by the network administrators who look after day-to-day network and system functions. Their competencies and the motivation contribute in achieving the desired security objectives that are aligned with the business goals. Incompetent network administrator may pave the way to attacks that could take place either at once where an obvious vulnerability
may exist or in several phases where it requires information gathering or scanning in order to enter into the target system. De-motivated network administrator may ignore the possible threats or find strategies to make his/ her presence vital for the existence of the network services. The latter may be an example of a competent network administrator who is not rewarded due to the lapses of the senior management, in which case backdoors or logic bombs may be deployed so that the administrator may
take vengeance in case the career is terminated or someone else is given undue recognition. Two studies on real cases given in this paper highlights the influence of such network administrators. To preserve the confidentiality, the names of personnel or organizations are not revealed.