At a company I worked at recently, I ran across a Sharepoint site and wondered whether I could download data that I wasn’t supposed to see.
Now I understand the purpose of SharePoint and company intranets is to share data, but even then, some data should be restricted to a limited number of people.
So I decided to check (before doing things like this, you better know How to Stay Out of Jail).
Filed under Audit, Excel, How to..., Security, Security Scout, Technology
About a decade ago, I personally witnessed the handover of the simplest, cheapest, and most effective disaster recover plan ever.
Let me first give you a little background….
I worked for a great IT director, who moved to another company, much bigger, and brought me with him.
In the new company, he again was responsible for all IT, and he brought me along to manage security and disaster recovery.
If I named this company, at least 25% of you would recognize it, even those of you around the world–true story, too.
Filed under Case Files, Humor/Irony, Security, Security Scout, Technology
During a recent visit to a library near you, I was trying to find a book via the online card catalog.
[I remember when card catalogs were on actual cards, in drawers, like the one pictured. Yikes!]
I was trying to find a book by someone who runs an analytics blog that I frequent, but I couldn’t remember the guy’s last name.
Filed under Security, Security Scout, Technology
I consulted with a company that implemented a new GRC package, and unfortunately they are using an application designed for GRC to do audit workpapers.
That wasn’t the only move that was questionable…
Filed under Audit, Security, Security Scout, Technology
When I was visiting a friend, she told me that her garage door opener no longer worked. For once, I did not suspect to find any security failures.
Occasionally, I am wrong.
Filed under Security Scout, Technology
In previous posts, I described how I gained access to the data center area and then the data center proper.
I had bypassed door #1 and door #2.
My new colleagues were not happy.
Filed under Case Files, Security, Security Scout
In my previous post, I described a data center failure that I discovered as the newly hired security manager of a prominent company.
In this post, I describe my next adventure.
NOTE: Some of the details below were changed a bit to protect the guilty. I tweaked their noses enough. :)
Filed under Case Files, Security, Security Scout
