Am I the only one who questions people’s intelligence? Please tell me I’m not
Case in point…
I’m sitting at a red light. It begins raining cats and dogs. I notice a beautiful Mercedes convertible, with its top down, sitting in front of our high end jewelry store.
Suddenly, a women runs out of the store. Jumps in the convertible, rolls the windows up and locks the door. Does not put the top up! She then runs back into the store.
Thankfully the light turns green at this point. The logic of her actions escapes me….
In the world of IT…Passwords Matter.
They keep our computers, data, and random trivialities secure. Each employee is provided their own username…they set the password…security at its most basic, right?
Well…in theory it works in that manner. Unless….
You have a group of people (whole department) who share their username/password with each other. They have it written down so each person can access their computer/email. The reasons?
“Well, we can’t do their work if they’re out sick or on vacation without. Now can we?”
“They need to be able to work my email. I hate reading them.” – This is the Manager of the departments statement
Part of me is dumbfounded. The other part of me remembers two of these users are in our hall of Infamous Clickers for failing in our Phishing Campaigns.
I am at a complete loss….
Cybersecurity can be….entertaining.
Case in point…
Ran a phishing campaign on the whole company.
Every single employee opened the email.
Only 3 clicked on the link within the email. Here’s where it gets entertaining…
First Link Clicker submitted a ticket (WooHooo!). The ticket states:
“I received an email from ‘Internal Person’ but the link is broke. It takes me to some Phishing site. Can you take a look so I can get to the right site?”
Problem with this is:
- She clicked on the link!
- She didn’t read the landing page – If she would have read the ‘broken link’ page she would have discovered it was a page all about how she’d been Phished by IT – how to spot Phishing emails, and what to do if you click on the link, or enter credentials.
She did show us, definitively, who our weakest link is – pun intended.
Second Link Clicker did not submit a ticket (Boo!) but, they did come back to the office to report:
- They received the email and thought it was suspicious.
- Left it overnight because they thought it was suspicious.
- Didn’t hear anything about the email being suspicious so…
- Clicked on the link in the email to see what it was about but…
- Wasn’t sure what to do since it didn’t take them to a log in page…
Oh, and did I mention this was all AFTER we (IT) had sent out an email about the ‘suspicious’ email. Telling everyone not to click on the link, and to delete it.
And there we have weak link number 2.
The third link clicker has not come forward. We will find them. We will catch them next time. We will smack their hands for clicking the link. For now though…the two above will go down in the hall of Infamous Clickers.
I can’t wait to send out the next campaign!
Conversations outside the office door….
“I was wondering where you wanted me to stick that….”
“Not stick it, but stick it”
Because defining where it is to be stuck without sticking it is key!
In the land of IT error messages are both a blessing and a curse.
Actual error messages:
- Unacceptable SQL statement.
- The statement is too long or too complex.
- Illegal use of the specified keyword.
- FETCH cannot make an INSENSITIVE cursor SENSITIVE. <– Is this an HR issue?
- You tried to create an object that already exists
- Operation operation is not allowed on system databases
- The clauses are mutually exclusive <–Monogamy in the tech world?
- The DELETE rule must be DELETE-rule <– Persistent isn’t it?
- Table table-name cannot be created in specified table space table-space-name because it already contains a table
- The statement is rejected by data definition control support. reason reason-code
- Unavailable resource. Someone else is locking your data.
Error messages are sooooo helpful!
When experiencing technical difficulties one must enter the server room quietly….
…for a server always works while being observed!