Trusting your administrators and outside consultants is a key part of the security process. But should you? I recently came across a story where an employee of a managed service provider (MSP) sold access to the client base. Years ago, a Microsoft security strategist, Steve Riley, asked attendees at the company’s security conference if they trusted their administrators. Astoundingly, most people in the room indicated that they did not trust their administrators.