Font Size

Computer Security and ISO27001


Chris Eden - Quality Matters Limited

Computer/Internet/Software Articles
Submit Articles   Back to Articles

Last week while travelling by train I witnessed a severe breach of security by one of my fellow passengers.

He was obviously angry as he spoke on his mobile phone. He seemed to be speaking to one of his colleagues who was having a problem with one of their computer servers and wasn't sure what to do.

The conversation went something like this...

"You need to log in as an administrator to gain access to the xxxxxxx operating system config file".

"What do you mean you can't remember the administrator password".... For God's sake it is $%^mGGtss76".

"Now you are in the system you should run the yyyyy utility. did that work?"

"Ok now go into the ttttttttt company server called ryytruuuuuuuuy enter the high level administrator password ... letmeinagain8! and run the backup exec file and all should be well. ...If not Barry call me again".

The chap clearly ignored the rest of us and assumed that we were not listening to his conversation.

I asked him if he realised what he had done and that I had sufficient information to hack into his company server. He looked shocked, he hadn't given it a thought.

He used his mobile again.

"Barry, you will need to reset the passwords on both systems now as I seemed to have broadcast them to the entire carriage on this train"

"Yes *********** all right..... I know, see you later. Don't mention any of this to Harry".

The morale here is to ensure that you don't give away sensitive information and certainly not disclose passwords.

Tags: ISO27001, password control, social engineering

About the Author

Chris Eden FIBC, MISSA, ACQI is a director of Quality Matters Limited an established independent management consultancy based in Essex, UK which specialises in ISO27001 Information Security Management consultancy.

Follow us @Scopulus_News

Article Published/Sorted/Amended on Scopulus 2010-11-08 12:03:58 in Computer Articles

All Articles

Copyright © 2004-2021 Scopulus Limited. All rights reserved.