Twenty-Four Seven Security

Peter Schooff

Unprotected Databases Too Tempting


Faced with all the complexities and costs of security solutions, a small to medium-sized company might be tempted to just look the other way when it comes to security, and to keep thinking that it's a problem for those bigger, more well-known companies. But as data breach after security attack attests nowadays, that's exactly what hackers are hoping you do.

And with the do-nothing approach to data security, hackers are not even your main problem. If the temptation and capability are there to snoop on other people's data, many employees simply find it irresistible. And this is not just a problem for SMEs.

One big proponent of taking an active role in your security is Mike Rothman, who is hosting a security roundtable next week right here at ebizQ, called Threatscape 2008, where he's going to explore this subject in depth, along with many other threats critical to companies today, which you can check out right here.

A recent article at The Courier-Journal shows exactly how overly tempting unprotected databases can be. Employees at Milwaukee-based WE Energies, which is Wisconsin's largest utility, routinely dipped into the massive utility database. Landlords checked on tenants, friends checked up on acquaintances, girlfriends delved into the records of ex-boyfriends, and those are just the ones that got caught.

Most distressing of all, this is apparently common practice with utilities. The WE Energies database included stuff you would expect, like credit card info, banking history, payment history, SS#s, address, phone, and energy usage, but also things you would never suspect, like income and medical info. Pretty much everything you'd ever want to know about a friend or enemy (or the new type of acquaintance, the frenemy), but would never dare ask.

Besides just being wrong, this sort of data dipping should be illegal, but whatever it is...it all starts with whoever is overseeing the database. Databases need to be locked up, and then database access needs to be monitored, or easy access like this can quickly spiral into easy lawsuits.


Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.


Peter Schooff is Managing Editor at ebizQ. Peter is also a very popular blogger in the IT security space.
