Security / Privacy Advice? 260
Posted
by
kdawson
from the all-ears dept.
from the all-ears dept.
James-NSC writes "My employer is changing its policy towards employee use of social networks. I've been asked to give a 40-minute presentation to the entire company, with attendance mandatory, on the security and privacy concerns relating to social networking. While I was putting it together, I ended up with some miscellaneous information that pertains to security/privacy in general, for example: the emerging ATM skimming (mainly for our European employees), a reminder that email is not private, malware/drive-by in popular search results, etc. Since these topics don't directly relate to the subject I've been asked to address, I've ended up with a section titled 'While I have you...' I'm going to have the mandatory attention of every employee and I thought it would be a great opportunity to give advice on security/privacy issues across the board. As it's an opportunity that one seldom gets, I certainly want to utilize it fullly. If you had the attention of an entire company with employees in the US, UK, Asia, and Australia, what security / privacy advice would you give?"
Acknowledging the /. audience (Score:0, Funny)
Secure Your Presentation PC/software (Score:5, Funny)
Secure the PC & software you're going to use in the presentation, just to keep pranksters or jealous peers from having fun at your expense. Terribly embarrassing to give a talk on security while boobies are flashing on the screen behind you.
One line (Score:5, Funny)
While you're at it.. (Score:5, Funny)
explain to them that's MY FREAKIN BACON SANDWICH in the fridge! I had my NAME ON IT!!
Farkin' lunch thieves...
Advise them on corporate espionage... (Score:2, Funny)
Tell them how to look out for individuals within the company that may be involved in corporate espionage and point out key characteristics of suspects:
Unexplained Affluence - they have more money than you would expect from their job/life.
Undue Interest - they show up in your department asking questions but have no work-related purpose.
Affiliation - they express low affiliation with the company, or high affiliation with other interests.
Work Issues - they are not happy with their work or feel that they have not been treated fairly.
Questionable Contacts - they associate with or are in contact with persons of competing firms or interests.
Note that depending on your specific industry and company, security discussion of this level may require more than a few minutes.
If you (Score:3, Funny)
Re:Mandatory? (Score:5, Funny)
Re:Mandatory? (Score:5, Funny)
3) you will be fired.
Re:While you're at it.. (Score:3, Funny)
And spend several years in jail for 3rd degree manslaughter. A wiser course is to use something harmless but effective, like laxative or Syrup of ipecac
"Hey John you've been disappearing a lot. Are you sick?"
"Yeah man... I threw up."
"Huh. Hey did you happen to see what happened to my sandwich? Some fool ate it. I'm glad I'm not him because it's a week old."
Re:IT people get security wrong (Score:5, Funny)
and they expire the account if you don't log in every 30 days. Which you don't if you did it right the first time. Which happened to me yesterday. And cost us 9 hrs of customer visible downtime until the drone in distributed systems management could reset the account. Who was out on a dental appt. Whose backup didn't have a login on the system. Because of an expired account. No shit.
But I rant...
Re:Mandatory? (Score:4, Funny)
4) Profit!!!!