I was wondering if there is any way to prevent the Network Administrator from reading the CEO's email? I am aware of making the administrator non-domain administrator and give them only the required privileges to do their job. The only issue would be how would he be able to administrate the actual exchange server. Thank you for all your help.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Preventing admin from reading CEO's email
- Thread starter NCOELHO
- Start date
Well, if you really want it to play as secure as you could get it, then have the admin password(s) ONLY managed by that CEO, so the admin can bother him for every little thing that needs attention. After every intervention, the CEO can set another password and so on and so on ... oh yeah, they will like that ;-)
BTW, there is a mention of
If a corporation is that scared by all this, then they should hire a CEO acting as admin.
That still does not solve the sniffing and ISP issues though!
Let them pick up the phone if it is that confidential, book a meeting in the center of a park and communicate by whispering in eachother's ear! And then hope the OTHER persons keeps this info to themselves!
This is all just a big joke. Companies want everything automated, as simple and cheap as it can get, and then they start wondering ... oh, but what if .....
Marc
If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all.
Free Tip: The F1 Key does NOT destroy your PC!
BTW, there is a mention of
Excuse me, but NONE of the CEO's use THEIR money to pay for ANYTHING in a company!
If a corporation is that scared by all this, then they should hire a CEO acting as admin.
That still does not solve the sniffing and ISP issues though!
Let them pick up the phone if it is that confidential, book a meeting in the center of a park and communicate by whispering in eachother's ear! And then hope the OTHER persons keeps this info to themselves!
This is all just a big joke. Companies want everything automated, as simple and cheap as it can get, and then they start wondering ... oh, but what if .....
Marc
If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all.
Free Tip: The F1 Key does NOT destroy your PC!
rationalbus
IS-IT--Management
Marc,
Thanks (I think) for your comments. I guess we have different approaches. In my business, most of my clients are relatively small business. I am not talking about large enterprise customers. Most of them have under 100 employees. Therefore, in most cases, these CEOs do use their own money to fund their IT investment. However, that is not the point. I call the system flawed because I believe that the owners of these companies have a right to want to have their communications private if it is possible. They ask me for this and I try to offer it. Of course they don't want to be the ones to hold the admin password and require the sys admin to need to ask them everytime service is required.
I believe the originator of this post asked a perfectly reasonable innocent question. I echoed his request. The simple response which was given earlier is - No, it is not possible.
Thanks (I think) for your comments. I guess we have different approaches. In my business, most of my clients are relatively small business. I am not talking about large enterprise customers. Most of them have under 100 employees. Therefore, in most cases, these CEOs do use their own money to fund their IT investment. However, that is not the point. I call the system flawed because I believe that the owners of these companies have a right to want to have their communications private if it is possible. They ask me for this and I try to offer it. Of course they don't want to be the ones to hold the admin password and require the sys admin to need to ask them everytime service is required.
I believe the originator of this post asked a perfectly reasonable innocent question. I echoed his request. The simple response which was given earlier is - No, it is not possible.
Sorry, but by definition an CEO is NEVER the owner of the company, see
The correct and only answers is indeed "NO, not possible".
But, there are other members looking for this info, so posting additional info, joking around if needed, is perfectly ok, just to try and 'paint the picture'
Of course they have the right to ask, but I would never NEVER claim I can offer it!
Marc
If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all.
Free Tip: The F1 Key does NOT destroy your PC!
The correct and only answers is indeed "NO, not possible".
But, there are other members looking for this info, so posting additional info, joking around if needed, is perfectly ok, just to try and 'paint the picture'
Of course they have the right to ask, but I would never NEVER claim I can offer it!
Marc
If 'something' 'somewhere' gives 'some' error, expect random guesses or no replies at all.
Free Tip: The F1 Key does NOT destroy your PC!
The other thing about this is that making things simpler for admins means making things less expensive for the company. The CEO privacy issue is entirely something else. Most people at the C-level understand that their business communications are owned by the company, not the CEO. While they may not want all of their communications made public (and rightfully so), they should have no more expectation of privacy than any other employee when it comes to using company owned resources for company business. The CEO isn't unaccountable, he/she still has to report to the board.
rationalbus
IS-IT--Management
I would like to clarify something here. As mentioned before, we are talking about small business, private companies, certainly not public, almost always if not always no Board of Directors. The CEO is the owner, he/she owns 100% of the shares in the company. This owner has all accountability for everything. the owner has his life invested in it. If it fails, he fails and often drags his entire life down with it. You don't get much more accountable than that.
I agree totally with the point about being simpler for admins makes it less expensive for the owners. Now, with respect to privacy, we are not referring to him running personal business using his office computer. We are referring to him dealing with company business which in the interests of the company would be better off if they weren't shared with others inside the company.
I'm a bit surprised with the lack of acceptance that what I am saying here should at least be of value to companies. Again, I understand that it can't be achieved, but I would still say that the owners should want this to be achievable.
I agree totally with the point about being simpler for admins makes it less expensive for the owners. Now, with respect to privacy, we are not referring to him running personal business using his office computer. We are referring to him dealing with company business which in the interests of the company would be better off if they weren't shared with others inside the company.
I'm a bit surprised with the lack of acceptance that what I am saying here should at least be of value to companies. Again, I understand that it can't be achieved, but I would still say that the owners should want this to be achievable.
The owner of a small business should not expect that to be achievable because it serves absolutely no purpose. Why secure one end of a communication when the person on the other end could simply forward the "private" conversation to the world?
It's not a matter of whether or not it can be done, it's a matter of its usefullness. In this case, it's not in any way a useful proposition to even attempt to achieve.
Remember the good old days when you had to lick stamps and mail all your communications? Not very secure was it?
I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.
It's not a matter of whether or not it can be done, it's a matter of its usefullness. In this case, it's not in any way a useful proposition to even attempt to achieve.
Remember the good old days when you had to lick stamps and mail all your communications? Not very secure was it?
I'm Certifiable, not cert-ified.
It just means my answers are from experience, not a book.
Often times, in both small and large companies, the CEO or owner has little to no understanding about how technology works, what technology is reasonable to implement, or what the ramifiations of technology are. This is a perfect example of the case.
This makes sense, and just because it's in email doesn't mean that it's being shared with everyone. It only means if an IT Admin really wanted to get their hands on it then they could.
It is expected of IT Admins that because they will be trusted with the ability to access privileged information they will not abuse that ability. Because of this it is important for the employer to try to hire the most trustworthy people for the position (not just someone who knows how to do the job).
In consulting (especially for smaller businesses) you run into these situations a lot. The answer isn't to look for the technological magic bullet but to reset the expectations of the person in charge. Most non-technical people think of technology as something close to magic (probably comes from watching too much TV), and so they don't know the limitations or costs involved. That's why setting the expectations to a correct level is key.
Code:
We are referring to him dealing with company business which in the interests of the company would be better off if they weren't shared with others inside the company.This makes sense, and just because it's in email doesn't mean that it's being shared with everyone. It only means if an IT Admin really wanted to get their hands on it then they could.
It is expected of IT Admins that because they will be trusted with the ability to access privileged information they will not abuse that ability. Because of this it is important for the employer to try to hire the most trustworthy people for the position (not just someone who knows how to do the job).
In consulting (especially for smaller businesses) you run into these situations a lot. The answer isn't to look for the technological magic bullet but to reset the expectations of the person in charge. Most non-technical people think of technology as something close to magic (probably comes from watching too much TV), and so they don't know the limitations or costs involved. That's why setting the expectations to a correct level is key.
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question
