How can Linode protect itself from malicious ex-employees?

How can Linode protect itself from malicious ex-employees?

The recent attack on Verelox, a Netherlands based hosting provider, has raised several questions about security and disgruntled malicious ex-employees. In the Verelox case, an ex-admin added backdoors on critical servers and caused data loss (some say to just about the entire company, but did not affect backups). Verelox has since started to bring back many of the customers servers.

I understand that the VPS offerings are not secure, any admin can read/write files on any container VPS via the hardware node, in addition to any data centre admins with physical access. Plus, almost all data centres and hosting providers do some kind of monitoring for xyz government agencies, so that adds another admin person on top of the others, who also has wide-spread access our data.

In another hosting provider, I asked for customer support to fix something as part of their "managed" services, so a random guy from Pakistan accessed the server and messed it up (I monitored the situation remotely, so I could see how clueless he was). I mention this as an example, because legally going after someone across the globe could be nearly impossible, thus some people find it easy to hide after doing something bad. The hosting provider of course denied wrong doing and said that "Bob" was an experienced admin…. (LoL).

IT-related companies that I deal with, have various levels of security, thus one person can do widespread damage, in many cases admins are limited to a certain number of services/clients. I am hoping that Linode will have similar security policies.

Food for thought.

2 Replies

I can't imagine what kind of person would ever leave Linode disgruntled :mrgreen:

If intentional widespread sabotage can be proven and determined to be a felony crime, and it happens to affect someone's critical system somewhere that leads to the death of a federal employee (could happen), there could be a case for capital punishment.

The deterrent is pretty heavy. Food for thought.

IANAL

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct