Ethics and passwords
Roy S. Rapoport
rsr at inorganic.org
Sat Aug 30 12:54:47 PDT 2008
On Fri, Aug 29, 2008 at 02:07:06PM -0700, Jennifer Davis wrote:
> I can not believe the 88% number. Seriously, there are ethics about
> having access to information. The people I know in the field are
> pretty strongly willed ethically. What are people's personal ethics
> with regards to stealing passwords? If you have access to the
> information do you do this kind of thing? (maybe it's best to ask this
> anonymously).
Oh, I think it's OK to ask this question non-anonymously. It's answering
it that calls for anonymity :)
I don't know that we'll get a whole bunch of people saying they love to
steal passwords ("I love to steal passwords! BTW, I was recently laid off
and need a job, anyone want to hire me?"), so absent that, I suspect we'll
get some responses along the lines of "I'm a highly ethical sysadmin and
would never steal a password." Personally, I've never stolen passwords or
other information of the type upon leaving companies, though I will admit
I've not always been highly thorough in deleting company data from personal
systems. And then, it's also worth being sure we know what we're talking
about -- My Enterprise Information Security folks and I have had
conversations on the topic, and they're believe that if I take my
outlook.pst with me, I'm taking company-confidential information.
Personally, while I don't care about the email, I know that when I leave
this company, I'll be walking away with my Outlook contacts, or at least a
viable copy of my contacts. I consider this justified, at least partially
because given that my company allows reasonable personal use of company
resources, and my company-provided Blackberry syncs with Exchange, A) Lots
of these contacts are personal, not company-related, and B) most of them
actually came from before I was at this company. We've basically mingled
information, and we're both going to walk away from this job with a
complete copy of this information (the difference being that nobody at my
work actually will care about my contacts).
-roy
More information about the Baylisa
mailing list