French Bank Scandal Blamed on Poor Identity and Access Processes

This article is interesting. It discusses how weak identity management processes contributed to the recent trading scandal at the French bank Société Général.

Calum Macleod, European director at security supplier Cyber-ark, said the bank's failure to put an effective policy for password management in place had left it open to fraud. He added that financial organisations had trouble managing passwords because of the high number of applications and authorised workers.

"The rogue trader would not have to be an IT expert to get the passwords because they are not regularly changed and often use the default passwords set by the application suppliers," said Macleod.

I think anyone who has worked in the corporate world has seen this problem. Password managment can be unruly. Microsoft has started to get their arms around this issue with products such as ILM.