|
My wife came home to find me fitting keypad lock/entry units to our internal doors....
Wife: What are you doing?
Me: Just making the place more secure.
Wife: Are you fitting locks to all our internal doors? Including the Utility Room and Toilet?
Me: Yeah. At work, the security guys have insisted that all our internal websites use https, because...
Wife: I don't give a f*&! what your moronic "security guys" [she air-quoted] do at work. Why do we need locks on our INTERNAL doors when we have locks on our outside doors and windows?
Me: Well, someone might break in.
Wife: And that's why we have a burglar alarm - ISN'T IT?
I can tell she's getting a little(?) agitated, so decide to ignore her question and explain the "benefits"?
Me: So, the way this system works is that: each day a random 12-digit security code will be generated, which can be u...
Wife: Have you gone f&*!ing mental? Or senile? Or both?
Me: Look, once I've got this done, we...
Wife: "We"? There's no f*%!ing "we" anymore! I'm leaving you.
Whilst she was upstairs packing her bags, I got to thinking about the logic of what she was saying - and have to confess, she may have a point. And yes, at work, if we want to RDP on to one of our web servers, (including Dev & Test), even to do something as innocuous as bounce an App Pool, we first have to log on to CyberArk to get the daily random password, (which needs to be verified on a mobile phone app), before we can even log on to the web server. I think "leaving" might be the sensible option.
modified 2-Feb-22 8:47am.
|
|
|
|
|
it is so secure even the people who need in cannot get in.
To err is human to really elephant it up you need a computer
|
|
|
|
|
Security systems are there to keep the innocent out.
Nothing succeeds like a budgie without teeth.
|
|
|
|
|
My granddad always said that "Locks only keep the honest people honest."
Kelly Herald
Software Developer
|
|
|
|
|
Me always said, "Locks only lock locks, not doors."
Nothing succeeds like a budgie without teeth.
|
|
|
|
|
|
Many years ago, I had to visit a secure computer center - so secure the building was designed to be missile proof, and all the doors had tag readers. You didn't have a tag, the door wouldn't open. Visitors didn't get a tag (so we couldn't steal them, probably) which left one problem - even the loo door needed a tag so visitors had to be accompanied to the loo and then "waited for" when they were finished ...
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
Did it weigh you on the way in and the way out to make sure you weren't stealing anything?
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
OriginalGriff wrote: even the loo door needed a tag so visitors had to be accompanied to the loo and then "waited for" when they were finished ... That sounds like fun
With Crohn's disease I sometimes need an hour (I don't need a smartphone to take an hour). So, they'd wait that time?
Bastard Programmer from Hell
"If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
|
|
|
|
|
I was the system manager on a secured VAX at our local Air Force base back during the 80's. It was located inside a shielded room with a vault door. Getting in and out was a PITA.
Software Zen: delete this;
|
|
|
|
|
Was its node name WHOPPER?
|
|
|
|
|
Actually it didn't need a name, since it wasn't connected to anything else. There were a couple of terminals in the room besides the machine and that was it, not even a printer.
Software Zen: delete this;
|
|
|
|
|
Early in my career I was leading a team of 8 working for a client in a secure are within a secure site. They would only issue one pass which granted permission to inner area which I was not allowed to hand out to others. Food/ Drink and toilets were outside of the secure area and so any team member wishing to use the facilities, needed me to let them in and out. Probably most expensive doorman in the area
|
|
|
|
|
You can bounce AppPool without thorough background check by Mossad!? Highly insecure in my humble opinion.
"It is easy to decipher extraterrestrial signals after deciphering Javascript and VB6 themselves.", ISanti[ ^]
|
|
|
|
|
just for sanity sakes, and not joke going over my head.
If compare the Server to say a Bedroom in your house, what valuables does damaging something in the bedroom do.
Now if you have valuable stuff that stolen, they might be in a safe within your house, and might say why have a safe with security when house has burglar alarm.
The Server might run a small business line application, or some off shoot webpage used for something, but either may be lacking suitable security to the business data which is worth the companies value. (money or reputation if that data stolen)
Cloths in the bedroom, some money that could be replaced.
Company grinding to a halt for a few hours/days while what ever mistake was done on server is fixed is more difficult to replace.
Now if I were to be a sore sport, Id put security on the toilet, more for locking person in until they clean up the mess they made or at least monitor that hands had been washed.
|
|
|
|
|
in my bedroom, I have two safes. One has lots of very important documents. A sheet with passwords to bank accounts, credit cards, cash, etc...
the other one has other stuff that I consider to be just as if not more valuable.
I would consider that my bedroom needs to be secure. But herself also needs to be able to get in there. At least I want her in there.
SO yes bedroom has to be secure.
If you break into my bedroom in my house my life would grind to a halt for a few days.
PS I dont' recommend trying. The dogs might take exception. The security system will note you and like jsop happens to say. IT will be a warm reception.
To err is human to really elephant it up you need a computer
|
|
|
|
|
|
This reminds me of a work incident -- customer required a separate room for our team, in our secure office. So I cleaned out a storeroom with a key-lockable door, and that became the work area, that had to be locked whenever a team member was not present.
The problem? We had 2 keys, one held by the office manager. One morning no keys were present, so 6 of us were standing there, twiddling our thumbs. A 7th person arrives, pushes a chair to the door, and had me steady it. He climbed onto the chair, popped a ceiling tile, climbed up into the space, popped a tile on the other side of the partition, dropped down, and unlocked the door.
Great security, right???
A few years later (same company) a different client demanded security, including keycard access to the work area, that all other company employees were forbidden to enter. Our sales reps and legal eagles missed that in the contract, so it wasn't in the quote (meaning the company was going to eat the cost), and management scrambled to make a secure area at the lowest cost.
In a very large cubicle area, a section was walled off, using the aluminum struts and the thinnest possible drywall. The wall shook when the keycard door was opened or closed ... but the customer was all happy and signed off on it.
It was the same deal -- the walls could be climbed over. Except they were so shaky that anyone trying to do so was risking their life in a wall collapse. It would be easier to punch though the wall next to the door, reach in, and just open the door.
|
|
|
|
|
Yep! Sometimes, ticking box is all that counts.
|
|
|
|
|
I don't know. Phishing emails are the primary source of computer break-ins. That means someone on the inside was the "index case". So, maybe this is a way to keep malware from spreading to business-critical systems?
The analogy might be: somehow somebody gains entry to your home. But if the guy can't open any of the interior doors, he can't get to the good stuff. He may trash the room he gets into but the damage is contained.
It seems like almost all of the "zero-day" vulnerabilities that are announced require some sort of either physical or user-level access to a computer before they can be exploited. Hence the "phish".
|
|
|
|
|
I'm peachless!
Yeah, yeah, getting the coat already...
Anything that is unrelated to elephants is irrelephant Anonymous
- The problem with quotes on the internet is that you can never tell if they're genuine Winston Churchill, 1944
- Never argue with a fool. Onlookers may not be able to tell the difference. Mark Twain
|
|
|
|
|
There was probably a pear of felons.
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
They are trying to steal your mantle Paul
"Life should not be a journey to the grave with the intention of arriving safely in a pretty and well-preserved body, but rather to skid in broadside in a cloud of smoke, thoroughly used up, totally worn out, and loudly proclaiming “Wow! What a Ride!" - Hunter S Thompson - RIP
|
|
|
|
|
Don't be melon-choly about it.
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
Orange you going to report it to the police?
If you think 'goto' is evil, try writing an Assembly program without JMP.
|
|
|
|