Re: Kronos + Java

[Roger A Safian <r-safian () NORTHWESTERN EDU>]

Maybe they are one of the vendors on this list and they can see the results of their poor security choices?
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of David 
Shettler
Sent: Wednesday, April 11, 2012 1:16 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Kronos + Java

I would encourage anyone experiencing this same issue to have your application owners do the following:

call global support, hit 0, request to speak to a support manager, that you are not happy with the response you are 
receiving from support.  It'll get escalated.

When I did this, they claimed that few people had been experiencing issues.  Feel free to cite Holy Cross, though were 
small potatoes compared to some of you.

We are considering a new solution for time management as a result of this.  If a company is this lax about security in 
2012...

------------------------------------------
ITS will never request your password via email.
> > > Roger A Safian <r-safian () NORTHWESTERN EDU<mailto:r-safian () NORTHWESTERN EDU>> 4/11/2012 2:06 PM >>>
Maybe we could collectively lean on Kronos?  They suggested this to us as well, and it's completely unacceptable 
behavior (IMHO) for a company whose product deals with this type of information to have such a  casual attitude towards 
security.