Information Security Rant

2 06 2009

Well, since this is now working, I might as well begin.  So for my first rant (and the first thing I need to get off my chest), I will be talking about basic information security.  

In this day and age, many people access computer networks in day-to-day life, and for many of the things we access (whether it be a corporate network / email, or personal email, etc) we have usernames and passwords.  These are in place to stop unauthorised people accessing your private material, or even behaving as you (ie identity theft).  

So to this rant… Why would you give your passwords to anyone??  Although I have heard many lame excuses, I have yet to hear a valid reason.  There are good reasons why corporations implement forced password changes at regular intervals, and that is to take into account the risk of password theft and social engineering, amongst others.  

Now in the most recent account I have witnessed, a personal email account of an individual was regularly accessed by an ex-partner for the last 6 months or maybe more (unknown to the first individual) to “keep an eye on them to make sure they’re ok”.  Furthermore, leading them to take material in private emails out of context, and making accusations at a number of 3rd parties.  Aside from being a disgraceful invasion of privacy, what that ex-partner obviously doesn’t realise is that following amendments to the Crimes Act in this state about 6 years ago, this behaviour of his is a criminal act and carries a maximum penalty of 2 years imprisonment (this is not including issues at the Commonwealth level either).  Furthermore, there have been a number of similar cases with almost identical situations and behavior where prison terms have been served and since Australia follows a hierarchical court system based on precedent, I would imagine the findings of the previous cases would also hold true in this situation if criminal charges were persued. 

Regardless of this fact, if simple information security procedures are always followed, these sort of situations wouldn’t occur.  Please remember to regularly change your passwords and don’t share them with anyone!

Advertisements

Actions

Information

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: