Re: Ameriprise Loses Data on 230, 000 Customers and Advisers

[Valdis.Kletnieks () vt edu]

On Fri, 27 Jan 2006 09:18:22 EST, Blanchard_Michael () emc com said:

>  I agree exactly, Think about it, would your company actually store or keep
> your customer records and information on a laptop???  Really, a friggin laptop
> containing your entire customer information database.... Never.  No company
> larger than 1 person would do that....it's just crazy....

Never underestimate the stupidity of users.  People do extracts of databases
to do stupid crap on their desktops and laptops *ALL THE TIME*.

Consider - have you *ever* done an ad-hoc extract to your desktop?  If yes, then
you're part of the problem, and if no, you've either just fallen out of the tree,
or are lying through your teeth....

>  For that reason alone, those stories have got to be stretches of the truth...

I'm sure some are.  On the other hand, laptops often go walkies, and if 10% of
your desktops have unauthorized downloads of corporate data on them, it's likely
the laptop percentage is closer to 20% (after all, many laptop users will do the
extracts so they can work on the plane...)

You want a *real* "WTF??!?", consider when they claim the stolen data was in
a car because an employee was taking it home as part of a disaster recovery plan. ;)

Attachment: _bin
Description:

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.