The SANS Institute recently listed their number one priority for information security: client side software that remains unpatched. Nick, by installing his favorite toolbars, has added to the list of "client side software" that the IT department has to keep track of and updated. While this would normally just be an additional annoyance, since Nick has decided to do this without asking, we can assume he also did it without informing. Which means the IT guys have no idea Nick is running an unauthorized program on his computer, and what we aren't aware of, we can't protect.
The virus spreads, steals personal data, costs the company millions. And who gets in trouble? Not Nick. He's just an innocent, incompetent user. It should have been us IT guys that protected Nick from his own ignorance. Maybe at least we'll have an easier time convincing the C-class execs to purchase that auditing software now that half the IT department got canned because of him.
But Nick isn't the only one making brazen attempts at skirting the policies at the WSJ. Vauhini Vara wrote a blatent and incredulous article specifically on how to pull one over on your IT folks in order to surf dangerous websites, send giant emails, use forbidden software, and put company data online. It's essentially a guidebook for how to compromise every safeguard that your company has put in place to protect itself (and your job). While she tries to add one or two sentences into each section on "why this might be dangerous", it's very doubtful that any of her readers really comprehend the way in which they are compromising their own companies security.
The amount of money we have to spend to keep these type of people from destroying companies from the inside out is ridiculous. It's like having to tie employees to their chairs because they keep trying to light the damn building on fire out of boredom.
Maybe Murdoch's idea to remove WSJ from Google is not such a bad one, if this is the type of "pro-business" reporting that it's doing.
Post a Comment