Site Sponsor:

mcafee_logo.gif
line

Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.

« Rich Internet Application (RIA) Security | Main | TJX Breach Worse Than First Reported »

Smokers Take Another Hit - Now They're Blamed for Weak Security

This is not a good time to be a smoker. NetworkWorld is reporting about one incident where a penatration tester was able to enter a building through a door left unlocked by a smoker (Smokers may be the weak IT security link - Network World.) You must be kidding me? The only thing newsworthy here is that a respected publication would post this story.

The problem of weak physical security is real. Holding doors for colleagues rather than making them scan their badges happens all the time. I've seen it at virtually every client I've worked with. Sure, this habit can be exploited with social engineering and we need to be more aware of the potential threat. That's the real story.

I'm not a smoker and I don't understand how this incident justifys the headline "Smokers may be the weak IT security link."

For more on physical security, see Physical and Digital Security Convergence.

Tags:  
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Dan Sullivan on February 21, 2007 1:20 PM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-websecurity.com/type/mt-tb.cgi/228

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Latest White Papers

line

Blog Roll

line

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net