- Innovation, regulation and research on tap at RSA 2008
- Researchers uncover 100 VoIP vulnerabilities
- Badware not pushing users offline
- Web attacks won't stop
- Most sites still hack-able
- Tips on employee monitoring
- Research: IT security maturing, but misaligned
- Clarke sharply criticizes Bush cyber-security plans
- Conference seeks to bridge risk, research
- Core finds new CEO
September 28, 2006 | Comments: (0)
HP made me do it
If you haven't been following the HP case recently you either need to stop working so much, stop reading blogs on how to turn cat fur into yarn, or just plain get out more.
I was secretly hoping that when I came up with the cat hair into yarn idea that I would come up with zip on a Google search, but I was wrong.
Anyway, I have my two cents to add to the whole HP scandal.
This whole HP thing has happened to me.
Well, not exactly in direct relation to HP, or in terms of 'pretexting' and having some PI snag my phone records, or actually having anything to do with HP whatsoever.
But I have been told by an executive 'I don't care what it takes, I want this done and done now'.
And I'll bet dollars to doughnuts you've heard these words uttered (or yelled) in your direction more than once in the recent past.
Isn't what this entire hubbub is really about?
Right now we have to do more with less money and people, so this type of command coming down from the top happens all too frequently. Unfortunately, someone down the chain turned off their ethics filter and 'did what needed to get done' because they were told to. And this individual (or individuals) probably had some slight (either founded or unfounded) fear of losing their job if they failed.
Only now, we have more corporate oversight. And someone got wise to the fact that their phone records were being accessed without their permission.
These two factors contributed to this whole HP thing becoming a debacle and unraveling none too cleanly.
So next time someone says 'I don't care what it takes, just get it done' let's all take a minute to make sure our ethics filters are in place and turned on. Because, as HP is finding out, turning off the filters can lead to one heck of a fur ball.
On the flip side
I think I made mention last year that I think the selling of data that you unintentionally create but may not own (aka your phone records) should be against the law. Unfortunately, it's taken something like the HP scandal to have people really investigate this sort of privacy violation. So a potentially good thing to come out of this debacle is that it may be more difficult for someone to gain access to your (supposedly private) phone records without your explicit authorization.
Posted by Victor R. Garza on September 28, 2006 12:34 PM
RATE THIS ARTICLE:
-
- COMMENTS
The real issue is how do we (Privately and Corporate)secure ourselves against leaks to so-called Journalists (read "Gestapo") ? Journalists seem to believe that they are the saviors and must have a "See all, know all" privilege. Journalists have to follow the law as well.
Posted by: Average Joe @ HP at September 29, 2006 12:01 AMI was watching the governtment hearings on pretexting where the phone company heads were being asked questions about what was being done about this. One question of interest. What is being done for the customers who's records are exposed, then go on to suffer identity theft, and the thousands of dollars in expenses to get that cleaned up? What was interesting was the lack of response from all the phone companys.
Posted by: sam o rogers at September 30, 2006 05:00 PM| ZERO DAY PODCAST |
| Listen to the latest podcast: |
MP3
•
•
•
Archive
•
![[VoiceIndigo Mobilize - Listen to podcasts on your mobile phone]](http://www.voiceindigo.com/ht/images/mobilize_logo_sm.gif){kind=logo}
|
TOP STORIES
ADDITIONAL RESOURCES
- Remote Access: Maintain Security and Decrease the Burden on IT
- Beyond AntiVirus: Symantec Endpoint Protection
- What Every Enterprise Needs to Know About VDI
- Solution for Open Virtualization Provides Server Consolidation
- Help Simplify Virtualization
- A Guide to Rich Internet Application (RIA) Security
