Slashdot Mirror

← Back to Stories (view on slashdot.org)

Employees Are The Biggest Security Threat

Posted by Hemos on from the firewall-schmirewall dept.

blankmange writes "BBC News is reporting that the employees of a company pose the biggest threat to security. "Digital cameras, MP3 players and handheld computers could be the tools that disgruntled UK employees use to sabotage computer systems or steal vital data, warn security experts. The removable memory cards inside the devices could be used to bring in software that looks for vulnerabilities on a company's internal network. The innocent-looking devices could also be used to smuggle out confidential or sensitive information." Unfortunately, this is not news, but it is amazing how slowly the general public, corporations included, comes around on issues like these. "

21 of 328 comments (clear)

  1. And this is news? by randomErr · · Score: 3, Funny

    I've had 10 time more computer problems with users trying to install thier own software than any virus.

    Plus when someone is about to be fired they try to e-mail 500 megs of files to thier 10 meg home account. E-mail Bounce of Death anyone?

    --
    You say things that offend me and I can deal with it. Can you?
    1. Re:And this is news? by Zocalo · · Score: 5, Funny
      500megs of files? It doesn't even take that. I've seen this happen with an "Out of office" response email. The luser had setup his Exchange account to send an out of office reply, but forgot to remove an automatic CC to his 10meg home email account.

      Naturally the home account filled up pretty quickly at which point the remote and local servers began a game of ping pong betwen "Out of office" and "Mailbox is full" emails. Since we are an ISP and his 10MB account was on another large ISP this game of ping pong was going faster than a world champion on speed. As a side effect it also resulted in a DoS on the two mail servers as log files and message logs grew out of all proportion...

      So it just goes to show; employees can cause grief even when they don't mean to.

      --
      UNIX? They're not even circumcised! Savages!
  2. it's easier than that to cause harm... by Hooya · · Score: 5, Funny

    call the BSA hotline.

  3. Reminds me of NSA security alert on "Furby" toys by Seth+Finkelstein · · Score: 5, Funny
    This reminds me of the famous NSA "Furby Alert"
    As harried parents scrambled in the weeks before Christmas to get their hands on these homely, high-tech cyberpets that supposedly repeat what they hear, the supersecret spy agency put out a "Furby Alert" on its internal intranet in early December and banned the Furby from Fort Meade.

    "Personally owned photographic, video and audio recording equipment are prohibited items. This includes toys, such as 'Furbys,' with built-in recorders that repeat the audio with synthesized sound to mimic the original signal," the Furby Alert warned NSA workers. "We are prohibited from introducing these items into NSA spaces. Those who have should contact their Staff Security Officer for guidance."

    Sig: What Happened To The Censorware Project (censorware.org)

  4. In other news... by joebp · · Score: 5, Funny
    • Computers run on electricity.
    • People use the internet to do bad things.
    • Pro-wrestling is faked.
    • The news media is biased.
    • The members of all boy-bands are gay.
    • Britney does not want you.
    • Disgruntled employees can steal your valuable corporate information.
    1. Re:In other news... by Psiren · · Score: 4, Funny

      Britney does not want you.

      Oh, thank God for that. It *was* a bad dream after all... ;)

  5. Appropriate Dilbert Quote: by InOverMyFeet · · Score: 3, Funny

    "I don't think its a coincidence that most employee sabotage is done by employees." - Scott Adams

    --

    -- Probability does not dismiss possibility --

  6. Re:Make the workers not disgruntal then... by randombozo · · Score: 3, Funny

    Correction: People who BELIEVE they're happy don't try to screw you over. You're not supposed to actually make people happy. Otherwise you end up with something like a baked alaska.

  7. Damn. by kryzx · · Score: 3, Funny

    So that's the problem! That's it, I'm getting rid of all my employees!! In today's day and age, how can any company risk having autonomous entities of unknown motivation and capability wandering around?!? touching the company's stuff?!!? accessing the company's data?!!!? looking at things?!!!!? Ahhckg!!! Fire them all!!!!!

    --
    "I don't know half of you half as well as I should like, and I like less than half of you half as well as you deserve."
  8. Corporate Managers everywher are saying... by El+Camino+SS · · Score: 3, Funny

    Big Corporate Manager: "Goodness, it says here that our biggest security threat is our employees! Well, I suggest that in order to keep them under control, we should institute a set of draconian rules on their behavior and treat them with the utmost resentment possible! Also, take this down, we should constantly address them like they are a liability instead of an asset."

    Big Corporate Lackey: "We already do that, sir!"

    Big Corporate Manager: "Damn, that was a close one! I thought for a moment there we had a security breach on our hands. Good work. Let's go play some golf."

    Big Corporate Lackey: "I'll get the clubs, sir!"

  9. So remember managers... by Irvu · · Score: 5, Funny
    • Cost of a new overhead camera to spy on employees: $700
    • Cost of metal detectors at the doors and the guards to staff them: $10,000 yr.
    • Cost of keystroke loggers, internet screening software and the techs to track them: $50,000yr.
    • Cost of employees to monitor the guards and techs: $30,000 yr.
    • Living under a cloud of suspicion and paranoia and driving all of your employees away through fear, distrust, and low morale: Priceless

    There's some things money can't buy, for the rest; raid the retirement fund.
  10. FUD Marketing by Morris+Schneiderman · · Score: 4, Funny

    The "biggest threat to security" is almost always the folks working in the Security Department. This has been the case for more than 50 years.

    There could be a good research paper here. Is it because these folks have too much idle time on their hands? Is it because the line of work keeps them focusing on negative activities? Is it because they are exposed to the company's weaknesses and become tempted by them? Is it because this line of work attracts thieves? Is it because companies use the 'it takes a thief to catch a thief' philosophy? Do 'Heads of Security' purposely hire thieves to keep levels of theft up, so as to justify bigger budgets? Outsourcing 'Security' does not solve the problem, it just makes it into someone else's profit center.

    My father tells the story of a guy working at an auto assembly plant who took home an entire car -- piece by piece!

    This 'article' is not News. Look at it's source. It's a marketing piece. Slashdot fell for someone's FUD marketing. I know it's Monday morning, but still...

  11. Memories by rworne · · Score: 2, Funny
    This article makes me get warm feelings of nostalgia of the time where one of my site managers bought a Sony DSC-S70 camera, much like mine.

    I figured out early on that not only can you get pictures out of digital cameras, you can put them in as well. I grabbed his memory stick, put it in my memory stick reader, and downloaded some juicy pr0n and mixed it in with the photos.

    He had a very hard time explaining where the photos came from.

    --
    I tried every decent and legal way I could think of to resolve the issue w/the business before I rented the chicken suit
  12. Re:Im glad this isnt news, true nonetheless by Ivan+Raikov · · Score: 4, Funny

    You seem to write at a 3rd or 4th grade level..

    Well, that's management material right there! You wouldn't want the person in charge of making decisions to articulate their thought clearly and precisely, would you?

    :-)

    --
    Bush Lies Watch
  13. Re:What issues? by atrowe · · Score: 2, Funny
    "Employees could bring in matches and burn the building down too."

    Only if you take their staplers away from them.

    --

    -atrowe: Card-carrying Mensa member. I have no toleranse for stupidity.

  14. Re:or.. by csbruce · · Score: 4, Funny

    You could just bring a floppy/cd with you

    These items and memory sticks, digital camers & mp3 players can be hidden in people's clothing, and therefore, the real solution is to disallow all clothing on the premises of the business. People could also hide such items up their butt, so you'll need to check there too before allowing employees admittance. (Well, maybe not the CD...)

  15. In related news: Life can cause death! by Qbertino · · Score: 2, Funny

    Recently scientist found the astonishing amount of dead that have lived at some time before their demise.
    Prof. Harald Dumpfbacke Radab claims that by removing all living people from society, death could be reduced by up to 99.8%!

    --
    We suffer more in our imagination than in reality. - Seneca
  16. Re:Yeah right... by DrSkwid · · Score: 3, Funny

    no,

    I use a lead bag, the sort for protecting film's through x-ray machines

    never failed me yet. I used to stand behind the plain clothes store detective in HMV while I put the CDs in it. Not for any reason other than it makes a better story :)

    I got nicked pushing a trolley through the doors @ ASDA (now wal-mart) with over £170 of er goriceries in it my bravado having taken over my reasoning. Can't complain though I'd had over £200 of groceries out of the same store that week. My best haul was going up the the security guard in the door with a full trolley and asking him where the cardboard boxes where so I could use them to put the groceries in:
    sg :"Oh, sorry Sir we don't have those"
    me :"Oh bugger, now I'll have to unpack all this stuff and put it in bags"
    sg : "That's ok Sir, I'll get someone to do it for you"

    And I stood there watching the ASDA employees putting my unpaid for shopping into bags for me so I could carry it to the car!

    happy days

    --
    There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
  17. Double entendre? by kubrick · · Score: 2, Funny

    Then they immediately ask me for penetration testing.

    Can you sue them for sexual harassment?

    [ wink wink nudge nudge ] ;)

    --
    deus does not exist but if he does
  18. Re:or.. by Fulcrum+of+Evil · · Score: 3, Funny

    the real solution is to disallow all clothing on the premises of the business

    I hope to god that you're planning on making attendance at the gym mandatory.

    --
    "We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
  19. The latest issue... by CaptainPhong · · Score: 3, Funny

    In the lates issue of Duh! magazine:
    Health: Cigarettes cause cancer!
    Politics: Research shows politicians like money.
    Business: Profit helps businesses grow.
    Computer security: Your employees' root access is a security threat!

    --
    ... "Give me a woman who loves beer and I will conquer the w