The flood of consumer devices such as iPhones into the enterprise and workers giving away snippets of potential sensitive information via social networking sites have emerged as new threats in the information security landscape. During a roundtable at the RSA Conference Europe 2009, in London, Herbert Thompson, chief security …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Wednesday 21st October 2009 09:43 GMT Anonymous Coward

Pah!

I work for Verizon Business (in the UK) and recently "they" changed the password rules for intranet log-in's to make things more secure. I tried for a few days to think of a password which would be acceptable to the new filter (my normal password is a six letter word, spelled backwards, a "special" character and a few numbers)

Nothing I could thing of would pass the test (any 3 of the following - 1 letter, 1 capital, 1 lower case, 1 special)

For a laugh I tried Pa$$word, yep, that's fine apparently!

Anon, well I wouldn't want to leak any sensitive data!

0 0
Wednesday 21st October 2009 09:43 GMT Il Midga di Macaroni

Thanks for the subtitle!

Thanks El Reg for the subtitle! As a former Pirate of Penzance myself I have to ask - if he had been the very model of a modern Major-General by today's standards, would General Stanley have been an MCSE?

0 0
Wednesday 21st October 2009 20:18 GMT Daniel B.

Simple solution on the device stuff

Ban iPhones from the enterprise network. Mobiles should be using their 3G uplink anyway, not freeloading on the company's net!

Anything other than a secure smartphone should be either banned from the enterprise network, or given access to a "insecure, internet access only" network ... secured by WPA2 (so nobody sniffs out the packets.) Geeze ... I think that leaves only BES-enabled Blackberries in the enterprise network ...

But seriously. If your network infrastructure is having trouble with gadgets using it, you're having a serious security problem; gadgets notwithstanding.

0 0
Wednesday 21st October 2009 20:18 GMT Anonymous Coward

@Pah!

At least you had a few days to think about it - my current employer has ensured that at least twice I have been confronted with:

i) The need to change an expired password immediately

ii) A concurrent but undisclosed change in password rules.

This game is much more fun, because as well as thinking of a new password you also get to figure out by trial and error what format it should have as well.

0 0
Thursday 22nd October 2009 00:03 GMT Anonymous Coward

remote centralised desktops

Many of these problems are then solved.

Except of course, people taking information they are allowed and using it in ways they shouldn't. There's no technical cure for that. That's what P45's are for.

0 0
Thursday 22nd October 2009 00:03 GMT MrGutts

@Daniel B

If you think those CrackBerry's are more secure, then I have some swamp land to sell you. It should be ALL smart phones and not just picking on the Iphone's.

0 0