Porn Policy Collars a Million-Dollar Customer
The HR department bends some rules when offensive content comes in from the company's largest client.
March 31, 2003 12:00 PM ETComputerworld -
A brief altercation this week with a staff salesperson gave me a new perspective on how pornographic e-mail can affect our business.
Like most companies with Internet access, we've had our share of employees who download inappropriate material. To eliminate the excuse that the porn came unsolicited, our most recent policy is quite strict: Anyone who doesn't report even inadvertent access to inappropriate material will be held accountable.
Because of this policy, the security staff has to field calls and e-mails about every offensive message. Still, I'm happy to accept those messages if it means that nobody can get away with downloading pornography by claiming that it was a mistake. But then we heard from Malcolm in sales, who reported receiving an inappropriate e-mail.
Comedy of Errors
I arrived at Malcolm's office with a set of floppy disks, ready to take a copy of the e-mail and its contents for investigation. This was the first time I'd done an investigation with the sales team, and I wanted to make a good impression, since we want them to stress to our customers how secure our company is.
My plan was simple: Copy the e-mail and message headers, delete the original to stop the content from spreading further and investigate the source. Case closed.
But it didn't exactly go well. My company gives Compaq iPaq desktops to most employees. The units are quiet, have a small footprint and work well, but they don't have a great deal of expandability and aren't designed to be upgraded or modified.
The next problem was that Malcolm's machine didn't have a floppy drive. I left him twiddling his thumbs and returned 10 minutes later with a removable drive. Then I discovered that iPaqs come with a locked assembly to stop users from removing the blank plate in order to insert a floppy drive. So I left again. Another 10 minutes later, I returned, this time with a key and the drive. At this point, I was slightly flushed and a little embarrassed.
I installed the drive without a problem and was getting ready to copy the e-mail when Malcolm asked what I was doing. When I started to explain the plan, he suddenly panicked. "Whoa," he screamed, as he tried to grab the floppy disk out of my hand.
Apparently the pornographic e-mail he received came from the key contact at our largest customer. Malcolm was terrified that any kind of formal complaint would alienate his contact. Our company might then lose the account, and there
Security
Additional Resources



White Papers & Webcasts
The State of PCI DSS Compliance at Organizations Today
Download this resource today!
Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...
Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.
Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.
Why Email Must Operate 24/7 and How to Make This Happen
Learn how to avoid an email outage by implementing a hosted email continuity solution.
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Eradicate Spam & Gain 100% Asurance of Clean Mailboxes
Get this paper now!
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Mastering eDiscovery: The IT Manager's Guide to Preservation, Protection & Production
Get this paper now!
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...
