- Thursday, 12 November 2009
- INQ Mobile
- RSS
Al Capone's business card said he was a used furniture dealer
Security scuppered by clueless workers
THIS WEEK WAS Get Safe Online Week, if you didn’t know that then unfortunately you missed out as it ends today – yet as part of this event the TUC is launching a new toolkit to improve worker's Internet security awareness and skills.
While many companies have been working hard to improve their Internet security, TUC is worried that this could all be a waste of time if the workers know next to nothing about net security.
The 2008 Get Safe Online Report revealed that 66 percent of internet users admitted to using the same password for multiple websites, 23 percent had posted confidential or personal information online, and 17 percent had opened email attachments from an unknown source.
This is of course a problem, as the clueless workers are basically counteracting any security measures put in place.
With an aim to change this TUC has got together with Get Safe Online and the Department for Innovation, Universities and Skills (DIUS) to produce Not Safe For Work? – a free online toolkit for staff.
With that title TUC will probably get more interest in their report than they expect, yet this is obviously a step in the right direction.
The toolkit isn’t just a boring list of instructions – oh, no, to keep those security-stopping scamps entertained it also includes quizzes and reading lists as well as the offer of a personalised prescription on Internet security issues that is tailored to the individual’s Internet usage.
The toolkit outlines four main areas of study - malicious software, identity
theft, dos and don’ts of computer use and privacy online.
It's also hoped that employers will make use of the toolkit, perhaps by making
it a mandatory part of hiring policy.
TUC General Secretary Brendan Barber said, “Employers must make sure that staff are aware of the dangers associated with working online. Without training, staff may well find themselves the weakest link in the security chain, without ever knowing what they are doing wrong.”
While, Get Safe Online Managing Director Tony Neate said, “The Internet is a fantastic place to be, and a valuable resource for both individuals and employers. But having the right software and infrastructure in place is not enough on its own to protect your organisation against online threats.”
So, if you missed the golden opportunity to celebrate Get Safe Online Week, perhaps you can feel like you were part of it by updating your security skills – although we doubt any of you really need the help. µ
L'Inq
Get Safe Online
Share this:
ShareBusiness Intelligence Software
Customer Relationship Management (CRM)
Enterprise Accounting Software
Enterprise Resource Planning (ERP)
Enterprise Systems Management
Speaking from personal apathy and slackardness...

the last thing one cares about is their job's security. Most people would rather see the place burned to the ground or hit by a patriot missle. I think a lil pop up of gambling or viagra is the least of it.

I am of the opinion that there are many workers who look at pr0n and bizarre junk at work vs. home as they would rather jeopardize a company computer
In some cases it's not the workers that are clueless, but management.

I worked in payroll for a large corporation for a few years. We gradually moved from a tape system to direct bank transfers.

As our job became more and more automated we got more and more systems and then more and more passwords.

At one stage I had : A passcode to enter the secure part of the building (Digital lock and keypad). A password to log onto my pc. A password for the screensaver in case I was away from my keyboard for more than a few minutes.
A password for the payroll program. An operator code and password to validate which operator I was.
A pincode for the code generation pad that we used to generate secure transfer codes. A password for the bank's site that I had to log into. A password for the transer data generation program.

These are just the ones I can remember, There were more than a dozen all told. On top of this I had my own personal life's passwords and codes to remember - personal phone numbers, pin codes for atm cards, my own codes for internet access at home etc etc.

I calculated at one stage I had around 33 codes or numbers to remember ranging from 4 digit codes to 14 digit alphanumeric strings.

The final straw came when our idiot auditors decided that, to be MORE secure, we would now have to change ALL our codes EVERY month. AND every month they would have to be unique.

Imagine having to change that many codes, every month, delete the old ones from your memory, and remember the new ones infallibly - I found it impossible and so did every else.

But they actually installed software that not only FORCED us to change them all once a month, (The old ones expired!) but checked for common words, repetitions of old passwords, old passwords with letters mixed around or added in, etc etc. 

There was a company wide rebellion. After a while everybody's monitors were wall-papered with little yellow post-it notes full of security codes - we just took them down when the auditors showed up.

So, in pursuit of greater security, by having unrealistic goals, they actually made the workplace LESS secure. 

I suspect a lot of people are just suffering from "Password fatigue". 
The workers around here are nose pickin morons so we're all getting thin clients, whee!
(I got a 32GB 8 core Opteron rig for my engg work but the bozos in purchasing are gonna be gettin thin, the fools, learn how to use nose blow next time!)
Security was big problem in lates 1990s & until Very recently Constant nag. Now however, I run this Vista unit on Wide Open, Security level 0. No pop up blocks nothing. yet theres no problem.

I Pity Fool Who Wastes Money on Security, Lavasoft is enough.NEXT:

USB 3.0 is complete, the group of companies behind the project announced last night. The specification is now officially at version 1.0.

Also known as SuperSpeed USB, the device-connection technology has a peak throughput ten times greater than USB 2.0's 480Mb/s.

SuperSpeed uses new ports to deliver the greater bandwidth. But they're designed to be backwards compatible with full-size USB 1.1 and 2.0 ports.

With the specification now complete, suppliers can work on building ports and the chips that manage them. That said, don't expect standalone USB 3.0 controllers to appear for the best part of a year. Consumer kit equipped with the new standard won't appear until 2010. 
em.
drashek



aha
recently i lost my book of passwords. i didnt need one til i got to about 25. think that is my mental limit. couldnt cope with 65 tho.

ah well some lucky bunny has the keys to my life, if they can read my writing :P

Mate... you need KeePass or Schneier's PasswordSafe or something like that... make your life easier and secure at the same time.