One company I worked at had a sad data center failure, and I’m not talking a power outage or a fire or theft.
When I arrived at this company, it had no security department. Few security processes. Little security.
And the company also made two interesting mistakes when it hired me.
Filed under Audit, Case Files, Security, Security Scout
Okay, so you’re not up to a wastebasket audit? Too demeaning, too sneaky, too many sticky candy wrappers? How about a simple server share audit?
Many companies have shared drives, and then they have “over-shared” drives, those locations where anyone who needs a space to store files that they share with a couple departments. Or perhaps your company just doesn’t lock their shares according to the least privilege principle.
No, I’m not suggesting that you don’t answer your phone. Just be careful what you do or say when you are called or contacted.
What am I talking about? A principle I refer to as the CONTACT principle, which will keep your private information private:
Filed under Security, Security Scope
Is it really true that one person’s trash is another person’s cash or treasure? It depends. When was the last time a trash can near you contained anything like this?
Filed under Security, Security Scope, Written by Skyyler
ITauditSecurity 