How to Approach Customers with Security Issues?

← Back to Stories (view on slashdot.org)

How to Approach Customers with Security Issues?

Posted by Cliff on Tuesday September 20, 2005 @01:30PM from the break-it-to-them-gently dept.

stuntshell asks: "We're a group of IT Professionals and we're starting our own consulting firm. We're most systems administrators, and not business admin, nor lawyers, and we're all have worked on big companies and most of the time the job to be performed was just passed on to us. The scope of the work we're about to perform will be security related, so how do you approach a customer in this kind of business? Do you wait for them to come and ask you to test their firewall? Or do you go scanning and discovering holes on other's network for you to offer them your solution? Do write a letter/email or do you propose a meeting? What works?"

7 of 73 comments (clear)

Min score:

Reason:

Sort:

re: What Works by xmas2003 · 2005-09-20 13:35 · Score: 4, Funny

Get submittal about your company approved on Slashdot
Every company reads about you and wants to hire you.
Profit ... oh s*it ... forgot to post our URL!

--
Hulk SMASH Celiac Disease
We don't need no stinkin' salesmen by hoggoth · 2005-09-20 14:14 · Score: 2, Funny

Is it too late to get your old job back?

--
- For the complete works of Shakespeare: cat /dev/random (may take some time)
Re:Aaaarrrgghh... by BaudKarma · 2005-09-20 14:30 · Score: 2, Funny

On the other hand, if you hack into their network and let them know they're vulnerable, *then* you make a polite sales call offering security services, but you don't link yourself in any way to the previous break-in... you might catch someone in panic mode.

Not terribly ethical, I suppose...

--
It's the land of the brave, and the home of the free
Where the less you know, the better off you'll be.
Re:No, no, no! by QuantumG · 2005-09-20 14:43 · Score: 2, Funny
- Hack MegaCorpWithBadIT.
- Vandalise their website or whatever.
- Wait for Head IT Nerd to search Google for security solutions.
- Make sure your company is in the top 10 hits by modifying the Google response in transit (and replace all the links to the other sites with a link to yours just in case).
- obligitory ????
- Profit!
--
How we know is more important than what we know.
Not to mention by (Score+5,+Flamebait) · 2005-09-20 18:25 · Score: 2, Funny

Sniffing me, then offering to plug the holes for a price is almost the equivalent of blackmail. This may earn you one of 2 things: ...and in a bar, this kind of behavior will almost *certainly* get you slapped, hard.
Re:Aaaarrrgghh... by Frantactical+Fruke · 2005-09-20 18:44 · Score: 4, Funny

That's a very nice firewall you've got there. Would be a shame if something happened to it...
Re:Might want to think about keeping your day jobs by Anonymous Coward · 2005-09-20 23:51 · Score: 1, Funny

"there are much more interesting and profitable markets to break into"

Haha! "break into". I get it!