Firewall Wizards mailing list archives
Kinko's Waning Security
From: Chuck Vose <vosechu () roman-fleuve com>
Date: Wed, 21 Apr 2004 09:52:25 -0700
I work for Kinko's and I'm beginning to worry about the security from above. I would like to hear advice on how to request greater security when you have no buying power or authority at all (the copy guy downstairs doesn't get a whole lot of say over the network decisions). For instance, passwords are getting weaker and weaker. It used to be mandatory to have a 4 digit password to access the register, however it's been lowered to 1 digit. This seems like an incredibly bad idea. Passwords on the email system and the internal core downloads have never changed. In fact, we wrote the password on a keyboard long, long ago and it's beginning to wear off just from people typing on it. I can't rub sharpie ink off with all the grit I can muster, yet it's wearing off through I can only assume erosion. Finally, our brand spanking new business card approval system has the same username and password for every branch in the world. I can access my neighboring branch's system and authorize or delete all the orders I like. Were I inclines I would make a fake order for 8 million business cards at another store, access the auth page, and let the store buy the cards. Once we release the store has to buy the cards even if they aren't sold, but the authorization process isn't limited at all. Hell customers will probably start doing their own cards once they figure out the system (which knowing the internet, won't be long). What do you do when your employer is getting more and more stupid about security? I could go on about the problems, they touch into physical security, VLANs being the main security, poor password systems (in more than the items mentioned). In fact, Kinko's would probably make a fine "How not to secure your company" subject. Compounded, I'm not sure that the manager will know or care. And I'm certain that our IT girl knows far less about it than he does. She doesn't know what spyware is nor why it's a problem for it to be on the ghost images that she uses once a month (there's viruses too). Help! Please!! -Chuck _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Kinko's Waning Security Chuck Vose (Apr 22)
- Re: Kinko's Waning Security Paul D. Robertson (Apr 22)
- Re: Kinko's Waning Security Ryan M. Ferris (Apr 22)
- Re: Kinko's Waning Security Paul D. Robertson (Apr 22)
- Re: Kinko's Waning Security S. Jonah Pressman (Apr 22)
- Re: Kinko's Waning Security Chuck Vose (Apr 22)
- Re: Waning Security Paul D. Robertson (Apr 22)
- Re: Waning Security Frederick M Avolio (Apr 23)
- Re: Waning Security Paul D. Robertson (Apr 23)
- Re: Waning Security Chuck Vose (Apr 23)
- Re: Kinko's Waning Security Ryan M. Ferris (Apr 22)
- Re: Waning Security Crispin Cowan (Apr 23)
- Re: Kinko's Waning Security Paul D. Robertson (Apr 22)