About Us | Contact Us
View Cart

Let’s think this through!

By Dan Hadaway | Thursday, August 5, 2010 - Leave a Comment

Thinking Through

Technology presents many risks that we discuss on a regular basis.  There are many threats out there . . . . hackers, scammers, fraudsters, even divorcees trying to gather financial information on their ex-spouse!

But there is one threat that we often overlook.  This threat seems to sneak up on us at least once a year.  We usually suffer through the exploits of this threat with embarrassment and sometimes an open checkbook.

This threat is us.  You and me.  Those who create/order/purchase the new technology, those who use the new technology, and even those who see the new technology in use.

Or, you could say the threat is the technology itself.  The way we USE technology . . . . especially new technology . . . . can damage our reputation.   Try to think of some examples in your own experience where the use of a new technology caused problems.  Okay, if you don’t want to relive that pain, let me give you a couple of examples that illustrate my point.

Take the university that sent 1099’s to their contract employees using a fancy new envelope stuffer.  They forgot to tell the stuffer that the 1099’s were printed two per page.  Imagine the embarrassment of those involved when half the contractors called looking for their 1099’s while the other half called wanting to know why they had somebody else’s 1099 on the bottom of theirs!

Or take the medical processing company that decided to put patient account numbers for their client on the outside of envelopes.  The account number had an interesting format . . . . XXX-XX-XXXX!

Surely somebody in the university’s accounting process knew that 1099’s were printed two up.  It would be hard to imagine that somebody in the mailing department at the medical processing company didn’t notice the social security numbers on the outside of the envelope.  Why didn’t they say anything?  Could it be that they assumed that somebody knew what was going on?  Or could it be that they figured they could get into trouble if they held up the mailing deadline?

Whenever we use a new technology, no matter who we are in the organization, we need to think it through.  Let’s try to encourage a culture where everybody is allowed to point out what they see happening in the use of that technology that could be embarrassing or worse.  Of course we should try to think things through in advance of the new technology, but let’s encourage the front line to warn us of anything they see going bad in the use of new technology!

Click here for more information about User Awareness Training!

Intended Use:

The purpose of Vigilize is to respond to ISOs’ complaints that users never read ISO’s “ongoing security awareness training reminders.”  Our tweets are designed to be copied into the subject line of your awareness reminder, with the language on these pages put into the body.  The goal is that the user will have to read the subject line to know to delete the message, and if they understand the subject line the reminder is communicated.  If not, they will go into the message and read the reminder.

Feel free to use Vigilize in your own Security Awareness Program.  Let us know if you have any ideas, suggested tweets, or ways to improve this FREE service.

Latest News
    A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]
    The One Test… …Is there a Test that Covers 9/11’s of the Battle? Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Twenty years ago two geek-friends and I debated the following question:  “Is there an Audit Test that covers 9/11’s of the battle?” This […]
    PRESS RELEASE – FOR IMMEDIATE RELEASE BUSINESS NEWS NEW EMPLOYEE FOR INFOTEX infotex has just hired Tanvee Dhir, to be a new Data Security Analyst. “Tanvee is an outstanding addition to the team, bringing a new skillset we are eager to utilize.” says Chad Smith, NOC Manager of infotex. “I am really excited to be […]
    While we’re not a news service, we often use current events to comment on trends and our services. This blog is intended to get people thinking about topics and trends in Technology Risk Management, through our article reviews, as well as through original blog articles about current events and our MSSP services (such as our […]
    Seven Trends . . . that small bank Information Security Officers face in 2021 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcome to the Magnificent Seven, my annual predictive article about the seven trends in technology that will impact the Information Security Officers of […]