Whiz kids, hackers, crackers, and security
professionals, my company consideres you insignificant.
I was taking one of those corporate quizes. If you
have ever worked in a larger corporation, you will know what this is, but
if you haven’t, it is a way that corporations try to train their employees on corporate
conduct policies. It is usually things like “Lock your PC when
you walk away from your desk” or “What should you do with paper that
has sensitive customer information on it” with answers like “burn all paper evidence”,
“put a sticky on my monitor with the password attached”, “post social
security numbers and names to as many websites as possible”, and “place
confidential date in locked up place, or in the shredder”.
Well I just scored VERY low on a 5 question test at work. 40%. 2
of 5! I’m dumb founded. I’m even more dumbfounded over this
A significant network/application
security threat to most organizations comes from:
So I guess this means that I don’t have to worry
about whiz kids, nice hackers, mean hackers, or security professionals?
Yes, I checked all 5 and I got it wrong!
Other questions which I got wrong include “What should you do in the event you see someone without a
badge?” I didn’t see an option for “kick their ass” so I picked the
“ignore them” option. I mean, if i can’t inconvenience someone with an ass
kicking, why would I do something like escort them to security, or tell
security? Well, OK, I’d probably tell security, but that option was B and
everyone knows never to answer B.
Also incorrect was “You receive a virus alert from a
friend in another company with all various warnings (e.g. “Pass this along!”,
“This is critical”, “This virus could blow up your computer!”) ”
said “delete it without worrying about it”. I’ve been in the computer
industry for well over 10 years now. I’ve seen the rise of the internet,
the rise of network travelling viruses. I remember floppy disk
viruses. I don’t run virus protection software and I don’t open email
attachments. I’m not stupid, so I don’t get viruses. When I get an
email that says something like that, the first thing I think is JUNK MAIL.
Options which I did not consider were: “send to everyone in outlook list”, “send
to my office friends”, and “send to my help desk”. Well of course I was
not considering that the target of this “Quiz” is jane and joe office computer
user. They aren’t qualified to make decisions about what is safe and what
isn’t. While I consider myself technically qualified to make that
decision, it is not my role at my job, and thus my job probably does not want me
to make that decision. Why can’t I be a good drone?
current music: Rhapsody of Fire – Son of Pain