Slashdot Mirror

← Back to Stories (view on slashdot.org)

Securing Personal Data in Small Companies?

Posted by Cliff on from the what-can-you-do? dept.

lohmann asks: "I was recently paying rent in my apartment office when I noticed several of the rental agents frantically shaking a nearby keyboard. Being a geek, I intervened... and plugged the mouse back in. A barrage of performance questions ensued, so I checked their system for any issues. The results were astounding: Windows 95, no firewall, no AV software, and no backup software on a machine containing thousands of individuals personal information (including mine). I ran some utilities and removed dozens of viruses and instances of spyware. I voiced my concerns over security issues, but was told that 'there is no budget for such things' and that 'we haven't had any trouble in the past.' Have any of you run across similar instances of small companies refusing to protect your data? What can I do to convince them to secure the network?"

7 of 90 comments (clear)

  1. sue? by Apreche · · Score: 2, Interesting

    IANAL. However it makes sense to me that maybe you can sue. If a doctor doesn't keep your medical records safe and secure, then I imagine they could be held liable. If this is true, then I assume the same can be true of an employer. If they don't keep your personal information safe and secure, then you can sue them for being negligent or some such.

    Of course, if you just want to give some convincing give them the old risk benefit analasys. If all our computers got hosed how much would we lose? Then prove how likely it is and how often it happens. Then tell them the solution.

    --
    The GeekNights podcast is going strong. Listen!
  2. I volunteered for a day at a local non-profit by quintessent · · Score: 2, Interesting

    I was helping them install some digital camera software.

    The system was running horribly slow. When I opened a web browser to Google and got a pop-up, I knew exactly what was up. Ad-aware (Not to be confused with Ada-ware, which also claims to be an anti-spyware program) found about 6 different spyware apps. Once I had cleaned those off, the system ran 3 or 4 times as fast. Those apps had really cloggled up its limited RAM.

    This was a fairly busy non-profit helping clients pretty much continuously throughout the day.

    --
    Donate background CPU time to fight cancer.
    1. Re:I volunteered for a day at a local non-profit by Piquan · · Score: 2, Interesting

      How do you volunteer as a sysadmin for a day? Is there some sort of clearing-house for these things, or do you know somebody at the charity, or what?

      I think it'd be great to do... using my talents to help charity in an effective manner.

  3. Re:IT for rent arrangement? by bscott · · Score: 2, Interesting

    Cutting a deal? While I genuinely applaud your impulse towards finding an amicable solution via barter, I don't think you're being anywhere near cynical enough... You didn't read what he quoted them as saying - "We haven't had any trouble in the past" That's a psychology which is very, very difficult to fight against.

    If you become a victim of identity theft, it would be difficult if not impossible to trace back to negligence on the part of your landlord (or anyone else in most cases); so unless they are predisposed to worry about it, they're not going to - and they'll probably never really suffer from this attitude. Good luck trying to make a deal with them.

    Then again, I live in an area which is just about the most densely populated in the US; it's possible you might find property managers in less expensive areas who have not lost their souls and brains and might be amenable to reasoned argument. I can't count on having hot water, electricity or the hallway outside my front door to be free of homeless people (getting in via the broken security doors), so I've learned a healthy disrespect for landlords.

    --
    Perfectly Normal Industries
  4. Wireless also a problem by Thyamine · · Score: 2, Interesting

    My friend's old complex had a similar problem. Living right next to the office and the model, he noticed one day that they had installed a wireless router, but had absolutely no security for their network. All their busines information to any who wandered by.

    How do you address problems where the technology is getting easier to use, but where the users aren't spending the time to really learn the technology? I don't want to have to learn how to repair my car just to drive it, so can I expect much more from users who don't understand networking and security?

    --
    I will shred my adversaries. Pull their eyes out just enough to turn them towards their mewing, mutilated faces. Illyria
  5. Patient records by mrph · · Score: 2, Interesting
    Working in Medical IT, I can tell you that that several large vendors of systems holding patient information take second
    to no precautions when setting up servers. Software ship with built-in administrative account using default passwords,
    installation people use easy-to-guess root passwords and so on.

    And we're not talking about Dr. Jones down the street but enterprise-grade installations that can handle really large quantities of patient data.

  6. Talk to Your Neighbors by kmb · · Score: 2, Interesting

    See how the other people in your building feel about the situation. If enough people are pissed off, er, concerned, then you might be able to put some pressure on your landlord.

    Possible repercussions:

    1. Your toilet takes longer to get fixed.
    2. Everyone's rent goes up to pay for $300 worth of software.