Sorry I haven't kept up as much lately been a little too busy at work.....
Here's one that I came across this week:
http://www.securityfocus.com/news/11520
An employee of TJMaxx has ratted them out over sloppy IT practices at work. He apparently was found about and canned by the company for revealing internal computers matters.
I'm kind of torn in how I feel about this, there is obviously a serious problem in the workplace about proper security in the IT infrastructure of just about any company or government entity these days.
I guess I wouldn't be happy if I owned a company and I was ratted out by an employee to the public about my own crappy security on my computers. (But then again this is me, and I would not allow that to happen in the first place.)
I feel sorry the guy lost his job over this, but if I ever shop at TJMaxx, I probably would pay for my purchases only in cash.
There past lack of security practices (such as allowing their systems to be hacked and have millions of customers credit card numbers stolen) is completely unacceptable.
Make no mistake.....Security is Managements responsibility......they too often ignore what needs to be done, recommended, spend money on for proper security, employee education, and other items.
Its very easy to blame the IT employee geek for all these problems (and Management loves to do so, believe me!), when the employee can only recommend and has no control over the checkbook....he cant fix when he doesn't have tools, education, and proper equipment to do the job and counter the ever evolving threats that continue out on the Net.....
And another thing to future whistleblowers......be careful what you say and pay attention, you could get into trouble. If things are that bad in the workplace, consider leaving and if you do talk, consider some legal advice before doing so. If there is a great danger that people are going to get hurt, do the right thing but be careful......
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment