RE:[sap-security] Maintaining Own's Email address
Posted by
Admin at
|
Share this post:
|
|
0 Comments
 | Posted by edmarks (Security Admin) on Aug 30 at 1:52 PM |  Mark as helpful |
I don't have the original article, but there are some serious audit reasons to not let the user maintain their own email address. The same goes for copiers / printers / scanners that allow you to send the copy to your email address. If the user could change this, they could change their address to be the President or CEO and send out a ton of "spoof" messages. While this seems like a simple thing the user should be able to do, it's not in the best interest of anyone.
Here's the second arguement. Either use LDAP to synchronize it, or allow your admins who are already responsible for email addresses to update it. If the email admin updates an address in the email system, why shouldn't they be responsible to update it in down stream systems (if LDAP or equivalent) isn't in place.
__.____._ Here's the second arguement. Either use LDAP to synchronize it, or allow your admins who are already responsible for email addresses to update it. If the email admin updates an address in the email system, why shouldn't they be responsible to update it in down stream systems (if LDAP or equivalent) isn't in place.
Copyright © 2009 CEB Toolbox, Inc. and message author.
Toolbox.com 4343 N. Scottsdale Road Suite 280, Scottsdale, AZ 85251
Toolbox.com 4343 N. Scottsdale Road Suite 280, Scottsdale, AZ 85251
Related Content
White Papers
View this thread online
Manage group e-mails
Create an FAQ on this topic
Tell us what you think
Unsubscribe from discussion
Manage group e-mails
Create an FAQ on this topic
Tell us what you think
Unsubscribe from discussion
