
Nick Wingfield IS the Insider Threat

I perused this Wall Street Journal article by Nick Wingfield and my heart immediately went out to the poor IT guys at the WSJ who have to put up with him. The title of the article, "Why You Can't Use Personal Technology at the Office", caught my eye because I thought it would be a nice overview of the various reasons bringing your personal techno gadgets to work causes headaches for your IT department. As it turns out, Nick was simply using the WSJ as a soapbox to cry his heart out about having to use "ancient" technology like "Windows XP" and how clever he is to have found a way around his company's IT policy enforcement to install his favorite toolbars and plugins. How he got a job at the WSJ writing about technology is beyond comprehension (I have a few ideas), but at least he gave me a good example of someone with just enough technical know-how to skate around corporate policies and not enough common sense to see how dangerous that is.


The SANS Institute recently listed their number one priority for information security: client side software that remains unpatched. Nick, by installing his favorite toolbars, has added to the list of "client side software" that the IT department has to keep track of and update. While this would normally just be an additional annoyance, since Nick has decided to do this without asking, we can assume he also did it without informing. Which means the IT guys have no idea Nick is running an unauthorized program on his computer, and what we aren't aware of, we can't protect.



So let's say after 6 months of running his favorite app, Nick forgets about it and fails to update it. The IT department makes sure that the latest round of vulnerabilities are patched thoroughly, but no one is aware of good old Nick and his latest techno-tool. While surfing around, Nick clicks the wrong link and presto, his computer is compromised thanks to a vulnerability in the application he failed to mention to IT.

The virus spreads, steals personal data, costs the company millions. And who gets in trouble? Not Nick. He's just an innocent, incompetent user. It should have been us IT guys that protected Nick from his own ignorance. Maybe at least we'll have an easier time convincing the C-class execs to purchase that auditing software now that half the IT department got canned because of him.

But Nick isn't the only one making brazen attempts at skirting the policies at the WSJ. Vauhini Vara wrote a blatant and incredulous article specifically on how to pull one over on your IT folks in order to surf dangerous websites, send giant emails, use forbidden software, and put company data online. It's essentially a guidebook for how to compromise every safeguard that your company has put in place to protect itself (and your job). While she tries to add one or two sentences into each section on "why this might be dangerous", it's very doubtful that any of her readers really comprehend the way in which they are compromising their own company's security.

The amount of money we have to spend to keep these types of people from destroying companies from the inside out is ridiculous. It's like having to tie employees to their chairs because they keep trying to light the damn building on fire out of boredom.

Maybe Murdoch's idea to remove WSJ from Google is not such a bad one, if this is the type of "pro-business" reporting that it's doing.
