Hacker News

Is it even possible for a company to defend itself from sabotage by the person who is presumably responsible for their security? Seems illogical.


> Is it even possible for a company to defend itself from sabotage by the person who is presumably responsible for their security? Seems illogical.

Off the top of my head:

a) don't force your clients to add their networks to be accessible by your cloud; this was their entirely huge mistake. Or by design, to enable spying activities. The same way I can log into UniFi and set a switch port in promiscuous mode and forward the traffic to my remote IP, so can they.

b) two people required for secure access to sensitive systems.

c) sensitive gear on-premise under constant video surveillance.

d) logging to remote servers under control of "internal security" not "security", regularly monitored by "internal security".

Companies do this and more. They do it by contemplating a solution to a problem rather than dismissing the solution as "illogical".


Remember "Apple’s insider-trading policy enforcer accused of insider trading"?

He got inside information from being...chairman of the committee that managed disclosure of sensitive information.

https://arstechnica.com/tech-policy/2019/02/lawyer-who-wrote...


They can design devices that are resilient to attacks by even themselves. That's hard when your whole pitch is "your devices are connected to the cloud!" though. But maybe that's the problem.



