Simply denying that they look at data if it does not relate to the game is not good enough -- game companies have already caused data from other programs on a system to be gathered and transmitted in clear text over the Internet. Were Blizzard to find itself holding inadvertently gathered sensitive data from a Nasdaq or Defense Department systems administrator's desktop, I doubt the "We didn't look at it" argument would get very far.
In the end, we choose these problems. If I want to give up my home system privacy for an online hit that keeps me going for a few hours at a time, it's my choice, and it's my responsibility to know the consequences. If I'm sensible when faced with ugly licensing terms for interactive games or media, I'll choose not to install, play, watch or listen. If I'm informed, I'll know what remote self-help is and shun it for my own good as well as that of others.
But I don't usually have the right as an individual to choose these risks for an organization with other people and data that's not my own property. Organizations should promote this understanding through better security training and awareness -- even if most may settle for just an admonishment not to install unauthorized software.
At risk of promoting dubious Internet addiction-treatment scams, it might be a good idea to provide counseling to those who just can't help themselves and would otherwise put themselves and others in positions of risk. As a man familiar with creating serious problems for those around him once said, we're all our own prisons, we are each all our own wardens, and we do our own time.
Jon Espenschied has been at play in the security industry for enough years to become enthusiastic, blasé, cynical, jaded, content and enthusiastic again. He is currently a senior security consultant in Seattle, where his advice has been ignored by CEOs, auditors and sysadmins alike.
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts