10 Stupid Moves That Threaten Your Company's Security - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Comments
10 Stupid Moves That Threaten Your Company's Security
Newest First  |  Oldest First  |  Threaded View
Page 1 / 5   >   >>
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
8/26/2016 | 8:14:56 PM
Re: Even Password Management tools can cause problems.
Hey batye !  Long time no see, good to see you old friend.   I agree no getting around the never ending hell that are patches and updates.  

Windows 10 is especially nerve racking.   After my last forced update, the only thing I noticed changed was where the power button was located and of course some new wallpaper.

 

You know you can never have enough wallpaper.
batye
50%
50%
batye,
User Rank: Ninja
2/3/2016 | 11:30:48 AM
Re: Even Password Management tools can cause problems.
@Broadway0474, with Windows security it never ending upgrade/patch process :)... sad reality of IT age...  how I see it ....:(
Broadway0474
50%
50%
Broadway0474,
User Rank: Ninja
1/31/2016 | 3:03:37 PM
Re: Even Password Management tools can cause problems.
@TerryB, No worries, no offense taken. And I love how you really got to the issue there. It's true --- we are letting Windows off the hook for being such a hole-ridden, easily corruptible OS. It should be a given know that users cannot be trusted. Deal with it.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
1/31/2016 | 10:34:34 AM
Re: Even Password Management tools can cause problems.
Indeed, after hearing that statistic several years ago, I started paying more attention to my zippers.


Sure enough, they all say "YKK" on them.
TerryB
50%
50%
TerryB,
User Rank: Ninja
1/30/2016 | 9:45:31 PM
Re: Even Password Management tools can cause problems.
@joe, YKK is a customer. I did not know that about zippers though. That market they are in called Cold Heading. In old days it was big for us, now Peru and China dominate on price. We are big in Batteries (Duracell, Energizer and Rayovac all custs) and ammunition now. Also in photovoltaic but that is tough market.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
1/30/2016 | 11:49:47 AM
Re: Even Password Management tools can cause problems.
@TerryB: Incidentally, I was under the impression that YKK manufactured something like 97% of the world's zippers.  Is that figure wrong/no longer correct?
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
1/30/2016 | 11:03:37 AM
Re: Even Password Management tools can cause problems.
@TerryB: Your tale/experiences remind me of an incident a few years ago when some disgruntled (possibly former...I don't quite recall) Coca-Cola employees stole and offered to sell the secret Coca-Cola recipe to Pepsi.

Pepsi played along -- while immediately contacting Coca-Cola and the FBI.  They all set up a sting to catch and arrest the Coca-Cola IP thieves.

And, of course, it wouldn't really have benefited Pepsi to take the deal in the first place.  There's a terrific economic analysis on why Pepsi buying and somehow leveraging Coca-Cola's formula would have only hurt both companies in the long run -- driving them to RTTB brinksmanship.  The blogger explains it better than I can, and his piece can be read here: freakonomics.com/2006/07/07/how-much-would-pepsi-pay-to-get-cokes-secret-formula/
TerryB
50%
50%
TerryB,
User Rank: Ninja
1/29/2016 | 10:00:48 AM
Re: Even Password Management tools can cause problems.
@Broadway, I want to apologize if you misunderstood my zipper comment. That was not intended to be an insult, I was just trying to point out all the boring, mundane places you use our product everyday. One of our customers was American Zipper. Not sure anymore, that is example of easy stuff to make that Peru and China excel in with their low cost.

Two key takeaways from what I was trying to say:

1) Many companies are like us, have no data which is used in bank or identity theft. You get one of our Sales laptops, you might get a list of contacts at our customers containing Name, company address and their work phone number. HR does not have client computers with employee info, all that is server based. So our stupidest employee can't impact your life, period.

2) My main reason for replying to you was trying to figure how you envisioned a system where you feed every employee you hire thru a vetting process to make sure they have high quality computer security understanding and are immune to every phishing exploit. I'm only IT guy here and my job is development. You want me to get involved in every hire and give yay/nay based on whther I think they are tech savvy?

For existing hires, are you suggesting we fire a person who is very good at their core job because they click on link which infects them with malware? Or someone steals their laptop while traveling? If so, what guarantee do we have the next employee can even do their core job, much less be better at security issues?  When you get a good employee at their discipline, you keep them. If you know another world than that, please enlighten me.

This whole article and forum is way off base anyway. There is only one core stupid move that is killing everybody:  Connecting ridiculously insecure client computers (Yeah Windows, I'm talking about you) to the freaking internet to do business. We are sitting here debating password strength issues when clicking on wrong link in email or web site can modify your core o/s to install software to capture your every keystroke and screen image and send it home to the bad guys.

Talk about stupid. We are sitting here debating how to best lock the door when the wall has a freaking hole in it. I spent 15 years working in the pre internet age, when businesses used servers with dumb terminals and private circuits. We had none of these problems, period. If we knew what we know now, is online banking and POS card purchasing worth it? If so, just how lazy (or stupid) are we as consumers? I'm on my 3rd debit card, other two were tried to be used on the other side of world.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
1/29/2016 | 8:52:24 AM
Re: Most Overlooked Security Flaw
GaryS: Additionally, many organizations fail to properly and completely destroy data.  "Delete" -- or even reformatting -- does not eliminate all data.  While there are more effective ways to do it "in software", complete physical destruction of the drives is usually the best (and often the only) way.
Broadway0474
50%
50%
Broadway0474,
User Rank: Ninja
1/28/2016 | 11:01:15 PM
Re: Even Password Management tools can cause problems.
Well Terry B, I stand corrected. Next time I zip up my jeans, I will think of all the data that is probably being stolen because of your company's sales and HR staff. I will imagine all sorts of solutions, like forced retirements and maybe building that factory you speak of, but alas, once I am done zipping up, I will stop thinking and caring about it and will move on to my next fleeting thought. Best of luck!
Page 1 / 5   >   >>


2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
News
How COVID is Changing Technology Futures
Jessica Davis, Senior Editor, Enterprise Apps,  7/23/2020
Slideshows
10 Ways AI Is Transforming Enterprise Software
Cynthia Harvey, Freelance Journalist, InformationWeek,  7/13/2020
Commentary
IT Career Paths You May Not Have Considered
Lisa Morgan, Freelance Writer,  6/30/2020
Register for InformationWeek Newsletters
Video
Current Issue
Special Report: Why Performance Testing is Crucial Today
This special report will help enterprises determine what they should expect from performance testing solutions and how to put them to work most efficiently. Get it today!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll