I’m sat on the train this morning nearby a chap who has spent most of the journey describing — in detail — the fact that the company’s VPN is not working. It’s annoying having to listen to people who don’t understand that raising your voice doesn’t help the base station keep a lock on your mobile signal. However what was most interesting — or alarming — is that he was reeling off ip addresses, telephone numbers and… Yes… Passwords. I know it’s disappointing for his colleague ‘Pete’ and for ‘Janet’ too, but you’d think describing precisely how to connect to his company’s VPN in front of a packed carriage doesn’t quite count as security best practice. Especially when the chap’s ID badge clearly indicates the company in question *and* the actual building. Always exciting, travel.
Posted via email from MIR Live
I'm still astounded people wear company badges in public as you are basically a target (coming from a military background so I'm a bit more wary than most). Its a pity a lot of internal security policies don't point to the fact that you are a prime material inviting trouble once out in public. Sadly, until something happens involving a badge and/or physical attack nobody enforces the policy.
Totally agree
Come on Ewan… name and shame 🙂
Ah that'd be wrong, Stephen!