Registering/Accounts with online vendors

dattaway at attaway.net dattaway at attaway.net
Mon Jul 22 18:05:32 CDT 2002


On Mon, 22 Jul 2002, Michael wrote:

> I'd agree that companies should be far more careful with what employees
> are given access to. Several jobs have just thrown open the gates (or had
> no gates at all) to their data having just met me. One company comes to
> mind because new employees that are just being trained are on their first
> day given access to all customer data.. including full credit card
> numbers. It's not just data that companies are careless with though. One
> school I worked for had a master set of keys to every room on campus
> including dorms, shower rooms, etc (and they had 99% female students) that
> they'd just hand out to new employees and even service techs etc that were
> there just for the day. It wasn't uncommon for sets of keys to turn up
> missing. I can just imagine what the wrong person with a master key to a
> girls school would do.

Every place I have worked at appears to have a good policy when it comes 
to keys and confidential information . . . that is for the person walking 
in off the street.  Maintenance and cleanup usually have the best sets of 
master keys that open ALL the doors, unlike the Boss, which opens most.  
Most of those keys are copied with a blind eye so people can get their job 
done.  Electronic locks, or swiping cards, seem like a good idea to make 
it more accountable, but all it takes to defeat that is a little social 
engineering on a bad day to get 100% access.  Security guards are the best 
people to ask for these favors. 

Hard drives from discarded or broken computers?  I see computers turn up
in the trash dumps all the time with medical records, emails, databases,
accounting information for large hospitals, manufacturing, etc., all the
time.  Sure, they aren't bootable, because the drive boot sector is
"wiped."  Unfortunately, they still mount with the mount command and are
quite readable.  The best way to wipe a hard drive is with a 20 pound
hammer.  I hate to say that, but a person has to ask himself if the
company's information is worth more than a 2GB hard drive.

Why drive a car when you can ride a bike?
http://attaway.net                 http://counter.li.org   user #142150
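
The point above about drives whose boot sector is "wiped" but which still mount can be checked before a machine is discarded. The following is an added example, not part of the original message: it audits a disk image for surviving filesystem signatures and non-zero sectors. The function names and the sample image are constructed for illustration; the signature offsets are the standard on-disk locations.

```python
# Added example: audit a disk image before disposal.
# The sample image below is constructed; names are hypothetical.
import struct

SECTOR = 512
# (name, offset from start of filesystem, magic bytes)
SIGNATURES = [
    ("ext2/3/4", 1080, b"\x53\xef"),   # s_magic: superblock at 1024, field at +56
    ("NTFS", 3, b"NTFS    "),          # OEM ID in the volume boot sector
    ("FAT32", 82, b"FAT32   "),        # filesystem type string in the boot sector
]

def audit_image(data: bytes) -> dict:
    """Report whether sector 0 is blank and what still survives beyond it."""
    sectors = len(data) // SECTOR
    zero = bytes(SECTOR)
    nonzero = sum(1 for i in range(sectors)
                  if data[i * SECTOR:(i + 1) * SECTOR] != zero)
    found = []
    # Filesystems start on sector boundaries, so try each sector as a start.
    for i in range(sectors):
        base = i * SECTOR
        for name, off, magic in SIGNATURES:
            if data[base + off:base + off + len(magic)] == magic:
                found.append((name, i))
    return {
        "boot_sector_blank": data[:SECTOR] == zero,
        "nonzero_sectors": nonzero,
        "total_sectors": sectors,
        "filesystems": found,
        "sanitized": nonzero == 0,   # only an all-zero image counts as wiped
    }

def build_sample_image() -> bytes:
    """Constructed 1 MiB image: sector 0 zeroed, ext2 superblock at sector 63."""
    img = bytearray(1024 * 1024)
    start = 63 * SECTOR                       # classic first-partition offset
    struct.pack_into("<H", img, start + 1080, 0xEF53)
    img[start + 4096:start + 4096 + 19] = b"patient record 0001"
    return bytes(img)

if __name__ == "__main__":
    print(audit_image(build_sample_image()))
```

A blank boot sector together with a detected filesystem is exactly the "not bootable but still mountable" state described in the message; only a result with sanitized set to True shows that the image was overwritten.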



