Art Imitating Life

(or life imitating art?)




Above is a comic from one of my favorite geeky websites, www.xkcd.com. I like the site because there are 3 comics a week that are funny because they usually hit close to home. Just by looking at the image above, you know that the people that we are trying to keep away from our networks are in the right panel.

To be serious, miscreants don't use bleeding edge technology to target your facebook page (unless they're really bored), people with nefarious purpose will break in using the computational equivalent of a $5 dolar wrench. I like this comic because it puts so much into perspective. We need to be secure from the ubergeeks on the left, but we need to be watchful for the thugs on the right. Besides, the thugs on the right are more likely to post embarrassing things about you or your company online.

Let's take the scenario in the comic as real life. I just left my company laptop on the seat in the airport while I went to the bathroom. The two guys grabbed my laptop and noticed that a sticker on it says "property of [fortune 500 company]" -- SCORE!!! They boot it up and notice that it's encrypted. They aren't going to take it and work on the encryption at home, they're going to wait for me to leave the bathroom and coerce me to give them any password necessary.

Here's what can stop this:
  • Educate users that their laptop is, in essence, their livelihood. They wouldn't leave their wallet on the seat, why should they leave their laptop?
  • Try not to advertise the added value of a laptop. Stealing my mom's photos is less valuable than stealing my company's financial and customer data. It's one thing to say "if found return to [a discrete address(make sure when people here aren't vulnerable to social engineering] another to tell everyone that there is important data in here.
  • Encryption is still a good idea. It's better to know that anyone can't just get into the laptop's data if this situation arises.
Granted, this article lacks some real substance, but at least you got a chuckle from the comic ;)

-Tim
Posted on 7:20 PM by Tim Cronin and filed under | 0 Comments »

0 comments: