Simply denying that they look at data if it does not relate to the game is not good enough -- game companies have already caused data from other programs on a system to be gathered and transmitted in clear text over the Internet. Were Blizzard to find itself holding inadvertently gathered sensitive data from a Nasdaq or Defense Department systems administrator's desktop, I doubt the "We didn't look at it" argument would get very far.
In the end, we choose these problems. If I want to give up my home system privacy for an online hit that keeps me going for a few hours at a time, it's my choice, and it's my responsibility to know the consequences. If I'm sensible when faced with ugly licensing terms for interactive games or media, I'll choose not to install, play, watch or listen. If I'm informed, I'll know what remote self-help is and shun it for my own good as well as that of others.
But I don't usually have the right as an individual to choose these risks for an organization with other people and data that's not my own property. Organizations should promote this understanding through better security training and awareness -- even if most may settle for just an admonishment not to install unauthorized software.
At risk of promoting dubious Internet addiction-treatment scams, it might be a good idea to provide counseling to those who just can't help themselves and would otherwise put themselves and others in positions of risk. As a man familiar with creating serious problems for those around him once said, we're all our own prisons, we are each all our own wardens, and we do our own time.
Jon Espenschied has been at play in the security industry for enough years to become enthusiastic, blasé, cynical, jaded, content and enthusiastic again. He is currently a senior security consultant in Seattle, where his advice has been ignored by CEOs, auditors and sysadmins alike.
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts