Strict Standards: Non-static method CSS_Switcher::usage() should not be called statically, assuming $this from incompatible context in /home/bigblog/public_html/hipporiver/plugins/pi.css_switcher.php on line 29

Warning: Cannot modify header information - headers already sent by (output started at /home/bigblog/public_html/hipporiver/plugins/pi.css_switcher.php:29) in /home/bigblog/public_html/hipporiver/core/core.functions.php on line 707
the Big Blog Company | Social engineering via USB
“Who yer callin' a sparrow, you schmuck?!”
The bird on the back.
June 18 2006
Social engineering via USB
Adriana Cronin-Lukas
Trackback to this post [1]

Alec Muffet has an interesting article about the clash between the human nature and the manner in which companies try ‘secure’ their networks. He says:

… the reflex I have seen in some City institutions which try to ban iPods, USB sticks and the like, from trading floors and other sensitive environments.

That won’t work - as JP [Rangaswami] approximately put it, if you want [me] to do that, you’ll need to give me the privileges to stop-search the employees and go through their briefcases, pockets, and check what their phone can do; the result will be oppressive chaos.

The proper response is one of embrace and control, that if employees are going to make use of whatever technology [USB, iPod, WWW, Instant Messenger, 802.11, ...], some facility needs to be made to filter and sanitycheck the means to which it can be put, and that you make the means and constraint transparent and well-advertised to your employees.

In short: be fair, and be wise. It might cost a little more in the short term, but will retain respect, employees and be more effective than the “ban everything” approach.

Amen to that.

Page 1 of 1 pages