My friend lives in an upscale, assisted living facility and recently had thousands of dollars withdrawn from her accounts via ATM.
Originally, we suspected the staff at the facility, but as I learned more about the incident, and recalled a few seemingly unrelated items I had heard about a few weeks before, I began suspecting it was a family member.
Within a week, the police identified the family member responsible, who confessed. It was sad.
However, my friend wanted a locked compartment in her apartment where she could feel it was safe from the assisted living staff (and other family members, I suppose).
So with my friend present, the maintenance man unwrapped a new locking mechanism and keys from a factory-sealed package and installed the lock on a lower kitchen cabinet.
Did any alarms go off in your head yet?
First, the cabinet was a lower kitchen cabinet. What elderly person wants to bend over and try to see where to insert a key to unlock the cabinet? That’s a user interface failure: the installer failed to take into account his audience, and the result was disastrous.
My friend, knowing that I’m a security auditor, showed me the cabinet, and asked me, “Do you think it’s secure?”
“Well,” I said, “At least the cabinet is solid oak. And the hinges are not exposed.”
“So you think it’s okay?” my friend prodded.
“Let’s see,” I said, as I pulled out the drawer above the locked door, reached in, and retrieved my friends treasured belongings.
“I never thought of that,” my friend exclaimed, as I replaced the drawer.
“Neither did your maintenance man,” I replied. “And the best part is, you would never know anything is missing until you unlocked the cabinet, several days later.”
A stealthy steal, indeed.
Check out the data center that had a similar failure…