Keep it secret, stupid!
Neil Johnson
njohnsn at iowatelecom.net
Mon Jan 27 20:42:25 EST 2003

My favorite lock is the electronic lock I saw in a data center. To make it
easier to leave the room, they installed a motion detector near the door to
unlock the door when you walked toward the door. That way you didn't need to
badge out (why they considered this a bad thing, I don't know).

Which is all well and good until you notice that there is a 1/2" gap along the
bottom of the door. Take a dowel rod, tape a piece of cardboard to the edge
(like a flag), stick it under the door, rotate the dowel a couple of times to
trigger the motion sensor, and ta-da! You are in.

Of course during the security audit, the auditors' biggest concern was that
the data center's walls didn't go all the way to the ceiling, so someone
could sneak in over the suspended ceilings (there were no private offices or
closets on adjoining walls of the data center).

My other favorite was a company's policy banning "all company confidential
information" from being stored on PDAs. Of course they said nothing about
all the "company confidential information" being stored in Day-Timers,
Filofaxes, and other paper-based personal organizers. I suggested that they
require these users to use secret decoder rings or Pig Latin to secure the
data and require them to photocopy their organizers daily (to provide
backups for "disaster recovery").

This is why I have so much disdain for "corporate information security"
departments. They seem so busy plugging the mouse holes in the barn walls,
they forget that the door is wide open.

--
Neil Johnson
---------------------------------------------------------------------
The Cryptography Mailing List