Thursday, April 26, 2007

Workstation locked

Today The Bank instituted a group policy that locks the
workstation after a 15 minutes of inactivity. No longer will people be able to walk away from their PCs and have them indefinitely logged in and available. This is just the latest in a flurry of increased security procedures.

They keep ratcheting up the security features in the system when the real threat continues to come from "human engineering." A Verisign study found that most people would give over their passwords in exchange for a premium Starbucks coffee. A pizza, bicycle delivery outfit or an armload of paper will get one past most physical security. How many hundreds of thousands of people have had their personal information compromised because someone left their laptop in an airport terminal? Demanding that passwords be more and more complex makes it more and more likely that users will write them down and stick them under their keyboards because they simply can't remember them.

Inconvenience equals security.

Oh look, another example. The Bank sent out a memo a while back that they would not be participating in Take your Child To Work Day in part because of security concerns. That day is here and I see plenty of employees with their children all over the office.

So much for security.

1 comment:

Stitchin-Liz said...

I totally know what you're talking about. My boss will tell me his password in a room full of people like it's no big deal!