Read the first part in our rundown of hot security topics, from antivirus to zero-day threats.
Phishers, for instance, are using it to get more sophisticated in targeting their victims (a technique that became prominent in 2005, known as "spear phishing"). In addition, a bit of quality Google time can unearth a surprising amount of data on an individual or company.
And they are not alone in that view. At the start of this year, a university and a manufacturing company in the U.S. banned Google Desktop for the risk it posed to sensitive data and the fear it might be trampling on U.S. privacy regulations.
What is forbidden, is not allowed. What is allowed, wasn't forbidden.
Security used to be based on the latter; what's not nailed down is fair game. Leave everything open then lock it down or put a rule against it when an issue arises. Your users can connect to the internet but when browsing time outweighs work productivity, internet browsing policies get written.
Security needs to be based on the former; if it's nailed down, don't try and pry it up. Block everything then open things up only as needed. Not every work possition needs to access the Internet. Really, it's true. The receptionist doesn't need access to google though they may need an internal phone listing website or external office supply website. The data entry clerk doesn't need internet access to transcribe information from print too database (they still exist in banks if no where else); it's been observed directly, productivity jumps when you can install a workstation without an internet browser.
The more recent focus on information security is causing some tensions as users are suddenly not able to do everything they could yesterday. It's easy to give rights but damn near impossible to take them away without complaints. This is more apperent where the CIO must answer to budget approving executives that force uneducated decisions; "No. We want windows because we recognize it. We don't care if a faster, more secure and completely capable workstion is available. We're afraid of things we don't know."
- sidenote; the worst report I've heard so far is a CIO with his hands tied because the budget authority doesn't want the staff to have a better "computer expierience" at home than they do at work. It's a security effecting information system decision made purely on "keeping up with the neibours". Workstations are for work. They shouldn't have anything on them that's not needed for the job. Idealy, user storage shouldn't even be on the local machine, it should be on your business' network storage shares. I don't envy that poor CIO at all.
But the connection too the article is that users should not be able to (forget "allowed" to, we're past that) install software on there work machines. They log-in, they work, they log out. It is the responsibility of the IT department to do things to the machine so users can do withings with the machine.
The issue shouldn't be *if* users install Google Desktop or similar software on there workstations, it should be *why* where they able to in the first place.
Web giant is spending $120 million to beef up its Mountain View, Calif., headquarters, according to filings with the city reviewed by the San Jose Mercury News.
The Samsung Galaxy Mini 2 S6500 could make its debut at the Mobile World Congress in Barcelona later this month, according to a leaked promotional image.
MIT creates a simulation to celebrate the 50th anniversary of Spacewar. A relic of the early days of minicomputers, it was one of the first computer video games and set the stage for many others, including Asteroids.
Security needs to be based on the former; if it's nailed down, don't try and pry it up. Block everything then open things up only as needed. Not every work possition needs to access the Internet. Really, it's true. The receptionist doesn't need access to google though they may need an internal phone listing website or external office supply website. The data entry clerk doesn't need internet access to transcribe information from print too database (they still exist in banks if no where else); it's been observed directly, productivity jumps when you can install a workstation without an internet browser.
The more recent focus on information security is causing some tensions as users are suddenly not able to do everything they could yesterday. It's easy to give rights but damn near impossible to take them away without complaints. This is more apperent where the CIO must answer to budget approving executives that force uneducated decisions; "No. We want windows because we recognize it. We don't care if a faster, more secure and completely capable workstion is available. We're afraid of things we don't know."
- sidenote; the worst report I've heard so far is a CIO with his hands tied because the budget authority doesn't want the staff to have a better "computer expierience" at home than they do at work. It's a security effecting information system decision made purely on "keeping up with the neibours". Workstations are for work. They shouldn't have anything on them that's not needed for the job. Idealy, user storage shouldn't even be on the local machine, it should be on your business' network storage shares. I don't envy that poor CIO at all.
But the connection too the article is that users should not be able to (forget "allowed" to, we're past that) install software on there work machines. They log-in, they work, they log out. It is the responsibility of the IT department to do things to the machine so users can do withings with the machine.
The issue shouldn't be *if* users install Google Desktop or similar software on there workstations, it should be *why* where they able to in the first place.