Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re:It should read 'stoopid people hath spoken' (Score 1) 982

Yes, but do you really want to go through the password recovery process on a device that someone else has been managing with free reign? What if the configuration wasn't written to the device, you reboot it, and then you're facing a pristine new configuration? Congratulations, you now get to start rebuilding a network by hand with no real idea how it's setup. On top of that the guy who built it is sitting in jail and _really_ doesn't want to help you. You may be locked out, but at least the network still functions.

Comment Re:Soooo (Score 1) 982

That may be, but there are some times when rules don't allow someone with a record to hold a privileged position. I've seen a few cases where people couldn't be allowed to do a certain job because of past actions. They were 20+ years earlier and, IMHO, rather minor. Regardless, sometime it's just not allowed.

Comment Re:PGP (Score 4, Insightful) 542

I would agree with PGP, once the proper legalities and assurances are in place. However, I'd worry about the non-technical issues before working on a technical solution.

There are a number of issues to be resolved before worrying about how to get the data transferred. Has the consultant and/or their firm verified their security and controls to your firm's satisfaction with something like a SAS 70? Are there legal agreements in place concerning the proper controls of this data, the explanations or responsibilities in case of a disclosure, etc.? Has the idea been proposed to create bogus data for testing so that live data isn't used? Can the application be loaded on-site, so that a machine outside of your firm's control will not contain highly-sensitive employee data?

I'd ask a lot of questions like these and get answers to my satisfaction before I sent out any data. I would greatly prefer to have to explain to my management why I'm "holding up the train" than have to explain to my coworkers why I was involved in the disclosure of their personal information and mine.

Slashdot Top Deals

!07/11 PDP a ni deppart m'I !pleH