One of the main security exposures we face is unsecured user profiles. This exposure can be exploited quite easily to violate the strict COBIT and SOX requirement of "separation of duties".

The sessions will explore the methods used to hijack a user profile to gain unlimited power. It will also provide recommendations on eliminating the exposures for a more secure system.

By the end of this session, attendeees will be able to:
1. Identify methods to expliot unsecured user profile.
2. Understand how to eliminate the exposures.