About Us | Contact Us
View Cart

Let’s think this through!

By Dan Hadaway | Thursday, August 5, 2010 - Leave a Comment

Thinking Through

Technology presents many risks that we discuss on a regular basis.  There are many threats out there . . . . hackers, scammers, fraudsters, even divorcees trying to gather financial information on their ex-spouse!

But there is one threat that we often overlook.  This threat seems to sneak up on us at least once a year.  We usually suffer through the exploits of this threat with embarrassment and sometimes an open checkbook.

This threat is us.  You and me.  Those who create/order/purchase the new technology, those who use the new technology, and even those who see the new technology in use.

Or, you could say the threat is the technology itself.  The way we USE technology . . . . especially new technology . . . . can damage our reputation.   Try to think of some examples in your own experience where the use of a new technology caused problems.  Okay, if you don’t want to relive that pain, let me give you a couple of examples that illustrate my point.

Take the university that sent 1099’s to their contract employees using a fancy new envelope stuffer.  They forgot to tell the stuffer that the 1099’s were printed two per page.  Imagine the embarrassment of those involved when half the contractors called looking for their 1099’s while the other half called wanting to know why they had somebody else’s 1099 on the bottom of theirs!

Or take the medical processing company that decided to put patient account numbers for their client on the outside of envelopes.  The account number had an interesting format . . . . XXX-XX-XXXX!

Surely somebody in the university’s accounting process knew that 1099’s were printed two up.  It would be hard to imagine that somebody in the mailing department at the medical processing company didn’t notice the social security numbers on the outside of the envelope.  Why didn’t they say anything?  Could it be that they assumed that somebody knew what was going on?  Or could it be that they figured they could get into trouble if they held up the mailing deadline?

Whenever we use a new technology, no matter who we are in the organization, we need to think it through.  Let’s try to encourage a culture where everybody is allowed to point out what they see happening in the use of that technology that could be embarrassing or worse.  Of course we should try to think things through in advance of the new technology, but let’s encourage the front line to warn us of anything they see going bad in the use of new technology!

Click here for more information about User Awareness Training!

Intended Use:

The purpose of Vigilize is to respond to ISOs’ complaints that users never read ISO’s “ongoing security awareness training reminders.”  Our tweets are designed to be copied into the subject line of your awareness reminder, with the language on these pages put into the body.  The goal is that the user will have to read the subject line to know to delete the message, and if they understand the subject line the reminder is communicated.  If not, they will go into the message and read the reminder.

Feel free to use Vigilize in your own Security Awareness Program.  Let us know if you have any ideas, suggested tweets, or ways to improve this FREE service.

Posted in Asset Management, Awareness Messages, Schools, User Awareness Program, Vigilize

Related Articles
Latest News
    Endpoint Detection and Response and You Webinar Registration
    Endpoint Detection and Response and You Webinar-Video In this webinar-Video, we will discuss the advantages, considerations, pricing, and configuration concerns when adding Endpoint Detection and Response to your security posture. If you are using a traditional Anti-Virus/Malware solution, you’ll want to consider adding or replacing it with a comprehensive EDR/XDR/MDR solution for the most bang […]
    R7: 2023’s Top Seven Technology Risks Video
    R7: 2023’s Top Seven Technology Risks Webinar-Video What are the top seven risks your board should know about in 2023? Since 2006, Dan has been compiling a list of the “top seven risks small institutions are facing,” in preparation for his board presentations. This webinar will present the 2023 list in a manner that you […]
    Introducing William Summers
    PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS NEW EMPLOYEE FOR INFOTEX We are excited to announce the addition of William Summers to our team as our new Data Security Analyst. William brings a wealth of knowledge to our organization, and we are confident that he will be an invaluable asset in helping us reach […]
    Worf
    Yes, the CISO of the Starship Enterprise On AI replacing the business of cybersecurity. Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . From time to time, my friends from high school, and even some from college, who have a minimal understanding of the cybersecurity […]
    The Consequence of Unintended Consequences
    Artificial intelligence carries risk, but so does organic ignorance … Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . At a recent conference, I noticed two camps emerging in the debate over artificial intelligence. Some people embrace AI as a tool, while others support Elon […]
    Introducing Nathan Taylor
    PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS NEW EMPLOYEE FOR INFOTEX We are pleased to announce the appointment of Nathan Taylor as our new Network Administrator at infotex.  “We are very excited to have Nathan join our team as a Network Administrator and look forward to his contributions to maintaining and improving our infrastructure!” […]
    I saw the news today, oh boy
    about artificial intelligence . . . And who will protect us from it . . .  Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Just watched some press on the the Senate hearings over regulating AI. The normal senator faces, Sam Altman of OpenAI, […]
    Slammed Again
    The Evolution of an Inside Term Used in our Vendor Risk Report Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Those who audit infotex know that our vendor risk report refers to a couple of our providers as “ransomware companies.” This reference started evolving […]
    “Inbox Zero” – Awareness Poster
    Another awareness poster for YOUR customers (and users). Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Check out posters.infotex.com for the whole collection! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape) You are welcome to print out and distribute this around your […]
    Experts Warn of AI Cybersecurity Risk
    New tools could allow unskilled attackers to launch increasingly sophisticated attacks… An article review. Imagine a world where you receive a call from your boss asking you to assist them with something… only it’s not your boss, but an AI being used by an attacker.  This isn’t science fiction, it’s an actual attack that has […]
To the Blog