You are the weakest link

rpm

Admin
Staff member
Joined
Jul 22, 2003
Messages
66,805
Reaction score
5,057
Location
Johannesburg
You are the weakest link

SECURITY IS ONE WORD every South African company knows well. Be it physical security or data security, the need to protect a company's assets against external threats is of vital importance. However, recent research indicates the biggest threat to security continues to come from inside the company.
 
most user haven't got a clue about security
 
You will not believe how many companies I've seen where the system admin's used passwords like ntadmin or domainadmin for the standard Administrators password on the users pc's.

Or the unix admin at one company who used to go home while leaving his ssh session to the prod server logged in as root and no screen saver password...

Edit: Hey look: 333 posts, I'm half evil!
 
Last edited:
....and the funniest thing is that they really believe they are secure...
 
Part of the problem here is because the avareage person is just not clued up. They would love to be secure, but if they don't get a guide on how to be secure, in plain simple terms, they lose interest.

It's the age old catch 22 situation of networking. Productivity versus security is not a nice "match", as ideally those 2 should be working hand in hand. I just don't see that happening any time soon though.
 
I thought this thread was about some red-haired chick.

I only use super strong passwords on those systems that I care about. The rest all have a generic password. :p

My dad writes all his passwords down on his desk pad :(
 
Security..what can I say lets say you as an adminstrator implement a security policy then there is always that little bitching bastard children working at the company bitching about this or that, even worse they go right around and bypass the whole thing (3G)..and unfortunately our IT department dont have any means of punish these users, thus we are left with really just reporting these individuals to CEO's/MD's or Board of directors who rarely understand any of technical jargon , and normally just laugh it all of.
point being that can truly only secure your network to the point where your end users co-operate. Still remains a "best effort" thing
 
You will not believe how many companies I've seen where the system admin's used passwords like ntadmin or domainadmin for the standard Administrators password on the users pc's.

That's shocking, but it's so true. Have seen similar behaviour at many companies I've worked at.

Or the unix admin at one company who used to go home while leaving his ssh session to the prod server logged in as root and no screen saver password...

I'm not sure which is more worrying, that he did that, or that the production server didn't have ssh idle timeout enabled
 
using eikon fingerprint reader to logon and secure data, very handy device
 
Top
Sign up to the MyBroadband newsletter
X