Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:It should read 'stoopid people hath spoken' (Score 1) 982

Yes, but do you really want to go through the password recovery process on a device that someone else has been managing with free reign? What if the configuration wasn't written to the device, you reboot it, and then you're facing a pristine new configuration? Congratulations, you now get to start rebuilding a network by hand with no real idea how it's setup. On top of that the guy who built it is sitting in jail and _really_ doesn't want to help you. You may be locked out, but at least the network still functions.

Comment Re:Soooo (Score 1) 982

That may be, but there are some times when rules don't allow someone with a record to hold a privileged position. I've seen a few cases where people couldn't be allowed to do a certain job because of past actions. They were 20+ years earlier and, IMHO, rather minor. Regardless, sometime it's just not allowed.

Comment Re:PGP (Score 4, Insightful) 542

I would agree with PGP, once the proper legalities and assurances are in place. However, I'd worry about the non-technical issues before working on a technical solution.

There are a number of issues to be resolved before worrying about how to get the data transferred. Has the consultant and/or their firm verified their security and controls to your firm's satisfaction with something like a SAS 70? Are there legal agreements in place concerning the proper controls of this data, the explanations or responsibilities in case of a disclosure, etc.? Has the idea been proposed to create bogus data for testing so that live data isn't used? Can the application be loaded on-site, so that a machine outside of your firm's control will not contain highly-sensitive employee data?

I'd ask a lot of questions like these and get answers to my satisfaction before I sent out any data. I would greatly prefer to have to explain to my management why I'm "holding up the train" than have to explain to my coworkers why I was involved in the disclosure of their personal information and mine.

Slashdot Top Deals

"The only way for a reporter to look at a politician is down." -- H.L. Mencken