>using the Dialup service that THEY WANTED, taking source code out >of > version control, and working on it AT HOME. What's to stop them >putting > it on their laptop and taking it home with them? >
Does this not seem like backwards logic? They wanted it, yet they would not abuse it? anything like this should be handled on a case by case basis, by a company officer. ----- Original Message ----- From: "Adam Smith" <[EMAIL PROTECTED]> To: "NT 2000 Discussions" <[EMAIL PROTECTED]> Sent: Monday, May 13, 2002 8:57 PM Subject: RE: completely OT > > > Actually you should assume that everyone is going to steal > > data. That's your job. 95% of theft happens from the inside. > > It's not my job to assume anything. Our employees are entrusted with > knowledge of our data. They work with it every day. They know it > better than ANYONE else. Some of our programmers even work from home, > using the Dialup service that THEY WANTED, taking source code out of > version control, and working on it AT HOME. What's to stop them putting > it on their laptop and taking it home with them? > > Why is this any different to the world of 1976, in a financial office > where the Profits Forecast manager takes home a bunch of files in a > manilla folder? Why is this any different? He's not stealing, but he > could if he wanted to. > > Why do we entrust our financial controller with the backbone finances of > our company? He could easily imbezzle a couple of hundred thousand here > and there and cover his tracks, and who'd be the one figuring out how to > cover his tracks? Him. Who's responsible when he gets caught? Me? > Because I gave him access to our financial data? Or is HE responsible, > for performing the criminal act? > > Sorry my friends, I'm not responsible for that. > > We have never had a major security breach and if we were to have one, > the responsibility would not be on my shoulders. It would be on the > employees shoulders, who breached their terms of employment, and on the > Management's shoulders for having to deal with it. It is a part of our > business that our staff be able to PERFORM THEIR JOB FUNCTIONS, and part > of that is being able to grab data from our server and put it on to CD. > > If they break that code of conduct, they are in the wrong, not me for > providing them with the means to do it. If you gave someone a shovel to > help you work on paving a new driveway, and then had that person ran > around beheading people with it, would you feel responsible?? > > > If you have ever seen it, you would understand why I said > > that. Imagine if you worked for a software company and a > > developer burned your entire new product to CD and then sold > > it. You know who's fault that is? Yours. > > Theirs. > > > You gave him that > > ability. By your theory, everyone should have access to > > everything, since everyone can be trusted. You are not doing > > your job. You are just trying to make things easy on you. > > I do not give everybody access to everything. They already work with > the data they are entrusted with. There is NOTHING stopping anyone from > printing out the source code to our latest major project, *OR* emailing > the source code to one of their friends. > > > As for letting a contractor have a burner on your network, > > sorry dude, but that's just stupid. > > The use of the word "Contractor" is a little different to how you might > think -- they are independent businesses, but they are more or less > employees. They ONLY work for our company, full-time, and it's just > their employment arrangement. Most of them have been here many many > years, and worked only for us. It's just a habit to call them that. > > > Burning CD's does take up my time, but its part of my job. I > > want it that way. > > What happens when we need to get a software update out for a site > breakdown on Saturday? Two options > > > -----Original Message----- > > From: Adam Smith [mailto:[EMAIL PROTECTED]] > > Sent: Monday, May 13, 2002 3:12 PM > > To: NT 2000 Discussions > > Subject: RE: completely OT > > > > > > > > > > > That is probably your biggest mistake. Users regardless of who they > > > are should never have burners. You have completely thrown > > ANY security > > > you have right out the window. > > > > > > IT should always handle the burning of any media. > > > > This is your opinion, and not something that "should be," as > > you put it. > > > > The availability of CD burners depends largely on the nature > > of the business of your company. In my industry, we have at > > least 30 contractors who use their own personal laptops. I'm > > not going to stop them from using a laptop with a CD burner > > in it, because in the nature of my business, there are times > > when people need to create CDs: > > > > - Our technical writers need to burn documentation CDs EVERY DAY. > > - Our Programmers and Project Managers need to burn files > > that don't fit on Floppy Drive to CDs so they can hand them > > over to clients. > > - We often supply CAD drawings to clients. > > > > The Compact Disc is the easiest and most flexible media type > > to use, because floppy disk drives have been ancient > > technology for far too long. > > > > When you hire someone, you don't hire them on the priviso > > that they are going to steal data, and then make every effort > > to stop them. You don't breathe down their necks and say > > "We're the Nazi's of computer security, so leave your HaXX0r > > Sk1LLz at home!" > > > > What's the difference between your HR Officer burning a CD > > full of data from your "R:\Human Resources" folder, in > > comparison to the same person going through the filing > > cabinets and photocopying all of the personnel files? There > > is no difference. S/he's already privvy to this kind of > > information, and if we didn't trust him/her with that > > information, they wouldn't be doing the job they are doing. > > > > > > Now mind you -- our HR Officer does NOT have a CD-Burner. > > Our Technical Writers do, I do, and a number of other people > > do. But I am not here to say that taking away data from work > > is wrong; that's a decision to be made by Upper Management. > > > > > > > > -- > > Adam Smith > > IT Officer > > SAGE Automation Ltd > > > > [EMAIL PROTECTED] > > http://www.sageautomation.com > > > > Phone: (08) 8276 0703 > > Fax: (08) 8276 0799 > > Mobile: 0414 895 273 > > > > "Computers are like air-conditioners; they don't work when > > you open Windows." > > > > > > > > > > > -----Original Message----- > > > From: Kim Schotanus [mailto:[EMAIL PROTECTED]] > > > Sent: Monday, May 13, 2002 9:06 AM > > > To: NT 2000 Discussions > > > Subject: RE: completely OT > > > > > > > > > about 40 have burners... PR, heads of unit... > > > > > > > > > -----Original Message----- > > > From: Martin Blackstone [mailto:[EMAIL PROTECTED]] > > > Sent: 13 May, 2002 5:33 PM > > > To: NT 2000 Discussions > > > Subject: RE: completely OT > > > > > > > > > Your users have burners??? > > > That is a HUGE security hole. > > > > > > -----Original Message----- > > > From: Kim Schotanus [mailto:[EMAIL PROTECTED]] > > > Sent: Monday, May 13, 2002 8:21 AM > > > To: NT 2000 Discussions > > > Subject: RE: completely OT > > > > > > > > > I want to adapt my firewalls and attachment blocking to > > avoid users on > > > the domain downloading these things as our blanc CD's and > > online times > > > are rising too high, and there are rumours that people are swopping > > > DVD's hence my question... > > > > > > -----Original Message----- > > > From: Steve Aldred [mailto:[EMAIL PROTECTED]] > > > Sent: 13 May, 2002 5:00 PM > > > To: NT 2000 Discussions > > > Subject: RE: completely OT > > > > > > > > > I don't think you will find anyone who will publicly admit > > that they > > > know how to violate copyright laws. > > > > > > Steve > > > > > > -----Original Message----- > > > From: Kim Schotanus [mailto:[EMAIL PROTECTED]] > > > Sent: Monday, May 13, 2002 8:58 AM > > > To: NT 2000 Discussions > > > Subject: RE: completely OT > > > > > > > > > > > > Hi guys, > > > > > > apparently there is a way to download films off the net and > > burn them > > > on a CD to be played in a DVD player? Any tips welcome. > > > > > > K/ > > > > > > ------ > > > You are subscribed as [EMAIL PROTECTED] > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > ------ > > > You are subscribed as [EMAIL PROTECTED] > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > ------ > > > You are subscribed as [EMAIL PROTECTED] > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > ------ > > > You are subscribed as [EMAIL PROTECTED] > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > ------ > > > You are subscribed as [EMAIL PROTECTED] > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > ------ > > > You are subscribed as [EMAIL PROTECTED] > > > Archives: http://www.swynk.com/sitesearch/search.asp > > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > > > > > > > > > ------ > > You are subscribed as [EMAIL PROTECTED] > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe send a blank email to %%email.unsub%% > > > > ------ > > You are subscribed as [EMAIL PROTECTED] > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe send a blank email to %%email.unsub%% > > > > > > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
