Shark Tank: But he's feeling a lot more secure now-Computerworld

Home

News

E-mail Newsletters

Networking & Internet

Mobile & Wireless

Security

Storage

Business Intelligence

Servers & Data Center

Computerworld Reports

See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.

Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.

Shark Tank: But he's feeling a lot more secure now

Many of the engineers at this big computer maker work at home and log in through a gateway server, says a pilot fish who worked there.

"Once authenticated on the gateway server, they could connect to any computer or server on the corporate backbone," fish says.

"Of course, security on the gateway server was paramount -- any hacker being able to log onto the gateway would have a chance at the entire corporate network."

So sysadmins screen all passwords to make sure they're security-worthy, and they run password-cracking programs every day in case a lame password slips through.

Then management decides to outsource the company's systems administration.

"They canned all the sysadmins and hired a big consulting firm to administer the computers and the network," fish says. "The first thing the new company did was raise security awareness. If anybody at any time became aware of any computer security threat, then they were to call the new 24-hour security hot line and report the problem. Security was that vital."

The next thing the outsourcer does is to give each user a new gateway user name and password, based on the user's actual name and office phone number.

"Each user name was first initial and last name," fish reports. "Each password was initials and phone number. For example, user John Smith at phone extension x1234 would have a user name of jsmith and a password js1234. Users were not allowed to change their password from the official one."

Fish is dumbfounded -- anyone who knows the system and has access to the company phone directory can now log in through every employee's gateway account.

"I marched into my manager's office and told him his new gateway user name and password," fish says. "He thought I was psychic until he thought about it for a second."

Fish calls the new security hot line, and he's told the matter will be looked into promptly.

"After not hearing back for a few weeks, I called back," fish says, "and was again assured that it was being looked into."

A few months after that, fish has found a new job and is leaving the company -- and the password security situation still hasn't changed.

"As a standard security precaution, my gateway account and all other network log-ins were immediately revoked," fish says. "This was to prevent embittered former employees from sabotaging the company.

"But since I happened to know a few thousand gateway user names and passwords, it's lucky for them that I wasn't bitter."

Lost and Found

User swears he hasn't deleted anything, but the eight years' worth of files that were on his laptop are gone. Support pilot fish can't find them either, and there's no backup. "Sorry," says fish, "but your data is lost." Angry user blocks the door, refusing to let fish leave, until a co-worker walks in and asks what's wrong. After user explains, co-worker laughs, "But that's not your laptop -- yours is over in the corner." Read More Read More Shark

Shark Tank: Moral of the ... aw heck, you KNOW the moral

Sales pilot fish at this IT consulting outfit has a list of companies that have bought customer relationship management software, and he's calling them to see if they need help upgrading. Read More Read More Shark

Shark Tank: You sexy thing

One day, while this support pilot fish is working with a departmental clerk, she complains that she wastes lots of time typing the same things over and over. Read More Read More Shark

Shark Tank: Deja vu all over again

Big hotel. Holiday weekend. Long lines of guests. And the lines are getting longer because the hotel's computer network has slowed to a crawl, says a consultant pilot fish brought in on an emergency basis to fix it. Read More Read More Shark

June 23, 2008
June 16, 2008
June 09, 2008
June 02, 2008
May 26, 2008
May 19, 2008
May 12, 2008
May 05, 2008

Join SharkBait today, and offer a few of your own IT war stories. Then tee off about troublesome technologies, clueless consultants, bungling bosses and useless users.

SharkBait home page

Post a story now

Enabling Data Centers that Are Both Automated and Dynamic

See more Webcasts more

The Poll of the Week:

Poll: Which of these devices is most important to have over a long holiday weekend?

	Cell phone
	Digital camera
	GPS device
	Laptop
	MP3 music player/Satellite radio

See all Computerworld Polls

Subscribe to the Daily Shark e-mail newsletter
A chuckle a day right to your inbox, courtesy of Sharky's many intrepid pilot fish.

Clueless Consultants? Bungling Bosses? Useless Users?
Tell me your tale. If it gets published you get a sharp Shark shirt.

Submissions

Shark Tank FAQ

Hungry for some Shark?
Get your fill with our Shark Tank RSS feed

Get the Shark Tank RSS feed

Virtualized iSCSI SANs: Flexible, Scalable, Enterprise Storage for Virtual Infrastructures

Enterprises of all sizes are building flexible storage infrastructures using iSCSI and advanced virtualization technologies. This joint VMware and Dell EqualLogic Virtualized iSCSI SAN white paper describes a virtualized infrastructure that applies storage and server virtualization technologies to cost-effectively achieve a flexible, high-performance, dynamic IT infrastructure that is simple to manage and scale.

Download this white paper

Case Study: Simplified DR Planning and Implementation

LifeLink Foundation needed to provide business continuity and DR of critical transplant related information to multiple locations and needed to manage DR planning and implementation in a hurricane zone. Learn how VMware & Dell's EqualLogic iSCSI SANs worked together to implement two remote sites providing consolidated virtual storage, snapshot-based backup and recovery.

Download this case study

Webcast: Disaster Recovery Simplified – iSCSI and VMware Site Recovery Manager Deliver Results

Quick recovery of operations after a site failure requires major planning and testing, dependent on an infrastructure and recovery plan that can be simply and affordably deployed. Download this Webcast presented by Dell and VMware to learn how new levels of integration between Dell's EqualLogic iSCSI storage area networks (SANs) and server virtualization can help solve these critical issues.

View this webcast

Webcast: Data Protection and Disaster Recovery with iSCSI and VMware

Data protection and disaster recovery are top of mind for any IT manager, and the challenges of complexity and cost remain as obstacles. Dell EqualLogic virtualized iSCSI SANs and VMware Infrastructure 3 enhance the scalability, ease of use, and reliable operation of IT infrastructures to withstand failures and overcome disasters

View this webcast

Virtual Event: Data Center Directions -- Navigating a Sea of Change in Server Technologies and Trends	Ever been to a virtual conference? Introducing Storage Networking World Online!
Beyond consolidation: five reasons why you should start virtualizing	How-to video: Smart steps to efficient power management
Listen to Industry Experts and Engage with Top Visionaries at SNWOnline	Renowned Engineering Institution Chooses AMD Processor-Based Servers
Evaluate a Mac in your Enterprise	Join Tech OnTap: NetApp's monthly technical newsletter.
Go Green Without Sacrificing Server Performance	WHITEPAPER: IT Users Discuss New Ways to Protect Enterprise Data
Kodak i600: Easy on your operators and your bottom line. Learn more about the i600 now.	Microsoft Forefront makes defending your systems easier. Learn how at easyeasier.com
Microsoft System Center - Designed for Big	Thompson Cigars: Fine Hand Rolled Cigars only $19.95 and includes Free Shipping:
Going mobile with today's technology - experience what IP networks will bring to mobile working	To maximize investments in mobile technology, companies must be able to measure productivity gains from mobile working. Find out more.
Web Hosting UK - Managed VPS Hosting Dedicated Server Hosting	Learn more about how HP helped 3M save $3M on printing.
Earn your MSCIS with Boston University in 12-20 months. No GRE required	BlackBerry Technical Seminar July 9: FREE from your PC!
Empower your business with adaptive networks. Visit the IDG Building the Adaptive Network site, sponsored by ProCurve Networking by HP.	Take customer relationship management to the next level. Try Microsoft Dynamics CRM Online for 30 days - free!
HP LaserJet P4014n printer Starting at $699 after $100 IS.	Speed, agility, flexibility - The HP BladeSystem c-Class.
Leverage Your Cisco infrastructure for Superior Application Performance	The arrival of Serial Attached SCSI (SAS) marks a new era in storage scalability
Learn about the AMD Virtual Experience	The AMD Virtual Experience Virtual Trade Show
Learn how to make the most of your IT investments in this live webcast.	"The Definitive Guide to Security Management" Chapter 1: Introduction to Security Management
Easy and affordable PC Disk and File Encryption for Enterprises from the company that protects YOUR Government - Free 30 day evaluation

About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map

CIO

Computerworld

CSO

DEMO

GamePro

Games.net

IDG Connect

IDG World Expo

Infoworld

The Industry Standard

ITworld

JavaWorld

LinuxWorld

MacUser

Macworld

Network World

PC World

Playlist

Copyright © 2008 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.

April 10, 2003

April 7, 2003

April 8, 2003

April 9, 2003

April 11, 2003

	Computerworld Daily News (First Look and Wrap-Up)
	Computerworld Blogs Newsletter
	The Weekly Top 10