YC

Wednesday, May 11, 2005

Security Policy of a Security Company

Schneier on Security wrote Company Continues Bad Information Security Practices:
An employee hoping to get extra work done over the weekend printed out 2004 payroll information for hundreds of SafeNet's [NasdaqNM: SFNT] U.S. employees, snapped it into a briefcase and placed the briefcase in a car. The car was broken into over the weekend and the briefcase stolen -- along with the employees' names, bank account numbers and Social Security numbers that were on the printouts, a company spokeswoman confirmed yesterday...

(Ed: Punchline coming)

... The company said no policies were violated, and that no new policies are being written as a result of this incident.

Link, Newspaper article

Just a hunch here. Perhaps no policies were violated because they had no policies on print-outs or handling of physical information so technically, they weren't wrong! Perhaps SafeNet should consider changing their overview from

SafeNet (Nasdaq: SFNT) is a global leader in information security.

to

SafeNet (Nasdaq: SFNT) is a global leader in electronic information security only.
Technorati tag:

0 Comments:

Post a Comment

<< Home