Sunday, May 5, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

ComputerWorld Independent 

The price of security: surprisingly affordable

admin

Credit to Author: Sharky| Date: Wed, 28 Jun 2017 03:00:00 -0700

Sysadmin pilot fish works for a company that manufactures steel products that go up — everything from cell towers and guyed masts to utility poles.

“One day a message came into the help desk,” says fish. “A user was concerned that we were going to get audited by the American Institute of Steel Construction, and he wanted to make sure we had all our procedural documentation in order and current.

“His problem was that our web filter was blocking his ability to download the AISC standards documents.”

Fish has a little spare time and he’s very fluent in the use of the web filter, so he picks up the trouble ticket to deal with.

Turns out the user was very helpful — he included a screen shot of the web filter’s block page. Fish can see immediately that the blocked website isn’t associated with the AISC. In fact, the domain-name extension — .co — suggests the site is hosted in Colombia.

Deciding not to take any chances on the company network, fish remotes into his home computer and checks out the site. Sure enough, it’s not connected with the steel-standards group. It seems to be some kind of file-sharing site — and a pretty sketchy one at that.

So fish emails the user directly: “Fred, I see you’re trying to get AISC documents from some site hosted in Colombia. Why don’t you go directly to the AISC’s website and get the documents from there?”

User’s response: “They want you to pay for them.”

Reports fish, “I wanted to reply, ‘So you’re concerned about getting audited by the AISC, and you want me to help you obtain pirated copies of their publications?’ But I didn’t.

“I closed the trouble ticket shortly after, with the suggestion that perhaps going through the legitimate channels is the cost of doing business.”

Sharky sets the standards for true tales of IT life. Yeah, OK, they’re kinda loose, but send me your story anyway at sharky@computerworld.com. You’ll snag a snazzy Shark shirt if I use it. Comment on today’s tale at Sharky’s Google+ community, and read thousands of great old tales in the Sharkives.

Get your daily dose of out-takes from the IT Theater of the Absurd delivered directly to your Inbox. Subscribe now to the Daily Shark Newsletter.

http://www.computerworld.com/category/security/index.rss