Marshall Brown
Dr. Saltuk Karahan
CYSE 368
June 24th, 2023
As I started my sixth week at Custom Truck One Source, I was getting in the groove of things. I would go to work having a task ready at hand. Whether that be updating user attributes in Active Directory, finishing up analyzing an Excel spreadsheet, giving access to users in Infor M3, setting up new employees in Infor M3, or just answering simple tickets from our ticket system on Zendesk.
This Monday, I had a priority project sent to me by the Vice President of Applications in the company. She needed me to first find all the users who have access to SYS_ADMIN. Then, I had to figure out their titles and confirm whether they allowed them to have that role in the company. If they do not have permission to have SYS_ADMIN, then I needed to go ahead and create a ticket on Zendesk and let the user know they no longer have permission to use SYS_ADMIN, and I had the go-ahead to remove that role from their profile in Infor, M3. Now, a lot of people came back and did not agree with what I did, but I just had to tell them that I had direct orders from the Vice President of Applications and it was just a regular check-in to confirm only the correct users have SYS_ADMIN since it is one of the most vital roles in the company and only those who have permission to have it can only have it.
It is just really interesting that I am slowly progressing more into the security side of the company. I am technically an IT Intern, but they know I am working on a degree focused on Cybersecurity, so it’s nice they are giving me more projects dedicated to application security.