Stupidity trumps security

Friday, 2 May 2003, 11:38 AM EST

The attorney I was chatting with over coffee smiled and then launched into what could only be called a horror story -- at least if you were her client. "My client's soon-to-be-ex-wife apparently wanted to get back at him," explained the attorney, one of the top divorce lawyers on the east coast. "So she got into his office somehow and then used his assistant's computer to send an e-mail message to everyone in the company telling of his affair with one of his coworkers."

We chatted longer, my friend telling of the pain the e-mail caused her client. But I wondered how any company could have security so lax that an outsider could sneak in and send an e-mail to the entire company. Didn't the managers of the company know that they had a responsibility to ensure the privacy of their customers and other employees, as well as to safeguard information critical to the running of the company? Apparently not.

I thought through all of the security holes the scorned wife apparently exploited. First, there was no physical security, or she would never have been able to get into the area with the computers. Second, she was able to get into an employee's e-mail account without knowing any passwords. And third, how was it that she was able to create a message to all of the other employees without knowing who they were?

[ Read more ]


Top 5 Android Marshmallow enterprise security benefits

Google’s new Android Marshmallow operating system offers important new security and ease-of-use features that improve its functionality for both enterprise and individual consumers.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Oct 6th