Remember the Security Scout adventure where I roamed the basement of a major bank and found questionable security issues? If you missed it or need a refresher, read Major Bank Invites Hackers In?
Guess what happened at the bank?
I recently heard from a friend of one of the bank employees that the community room is no longer available to the community. The reason? The bank was audited recently and management decided the traffic wasn’t worth the risk. That gives me a chuckle as I imagine the auditor smiling to himself as he celebrates his accomplishment in his corporate cubicle.
The question is, did they just ban the public from the basement, or did they actually remedy any of the issues I listed? After all, most fraud and security incidents originate from within one’s own walls and ceiling tiles.
2 responses to “Bank No Longer Invites Hackers In”
It should have made you happy as well since you they did what you had observed.
It was exciting to see that someone saw some of the light and excluded visitors from their facilities (at least unsupervised visitors). I have no idea whether they noticed or dealt with any of the other issues I noted. In my experience, banks and health care organizations, although they have more to lose than other industries, are some of the worst offenders.