I agree David. I made a direct call to the marketing people telling them to change the passwords and then sent a warning out to our management staff.
While it is not our site, it affects our business...technology wise. And since the call went out to help crack the posted hashes, there would certainly be more people looking at it. Most companies use social media for communication to their customers, prospects and future hires. Our employees use sites like LinkedIn for networking. It would be pretty detrimental to a company's image if someone took over a manager's account or the business account and started posting at will. As one that wears many hats, somehow that would reflect poorly on me if I hadn't raised the flag; especially if our account(s) were breeched. I think it was (or would only be) prudent to send out the FYI. I did get a few "Thanks/Done" emails back, so I know someone looked at it. ---------------------------------- Joe Louis Systems Network Manager Guardian Security Services From: David Lum [mailto:[email protected]] Sent: Wednesday, June 06, 2012 5:07 PM To: NT System Admin Issues Subject: To notify, or not notify (LinkedIn) We fired off an advisory e-mail to our staff about LinkedIn and recommending they change their password, and included links to both the LinkedIn Tweet and the CNet article. After the e-mail went out I got bombed by our Service Desk guys (it was my recommendation to send it) asking why we would want to do such a thing since "it's not our website". I felt the scope was sufficient and the business use adequate enough to warrant notifying our employees. I had folks above me agree with me (else it wouldn't have been sent), and the front line guys disagree. This is one of those judgment calls where everyone is going to handle it differently. Did any of you guys send a note out to your staff? David Lum Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
