Tuesday 23 June 2009

Passwords and sharing everything

I wonder if you can help, she said.


Sure that's what I'm here for. What can I do for you?


So and So didn't print out her marks ready for this meeting and I can't get hold of her to get her password. Could you tell me what her password is so that I can get this document.


I'm sorry I can't do that.


But I need this, like now, for this meeting. She should have done it yesterday. It doesn't matter anyway, I used to know what her password was till you made us change it every month. Can't you just give it to me? She only works part-time and this is always happening. I need to get to that file right now. Oh I wish she'd answer her phone. Couldn't you just give me her password and then change it for her?


I'm sorry I can't do that. I don't know what her password is and there is no way I can find out. I should be able to get the file for you anyway. Whereabouts are you?


Two minutes later I get a phone call. It's ok, you don't need to bother. I've got the document now.


I didn't ask and I don't want to know. There is only so much that we can do here in IT. We appear to be making it difficult all the time.


Passwords must be more than 8 characters long. Must include 3 of four types of characters: little letters, big letters, numbers, characters. Passwords must be changed every 42 days. Passwords cannot be the same as any of the last 24 passwords. Passwords must not include any account details (forename, surname etc).
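The rules above written as a checker. This is an added example, not code from the original post or from the system the author administers. It assumes PBKDF2 for the stored history, which the post does not specify, and the function names are illustrative. The history holds salted hashes only, so reuse can be detected without anyone being able to read back an old password.

```python
import hashlib
import hmac
import os
import string
from datetime import timedelta

# Values taken from the policy in the post.
MIN_LENGTH = 9        # "more than 8 characters"
REQUIRED_CLASSES = 3  # 3 of the 4 character types
MAX_AGE_DAYS = 42
HISTORY_SIZE = 24
PBKDF2_ROUNDS = 100_000  # assumption: the post names no hashing scheme

def hash_password(password, salt=None):
    """Return (salt, digest); only this pair is stored, never the password."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest

def in_history(password, history):
    """history: list of (salt, digest) pairs, newest last."""
    for salt, digest in history[-HISTORY_SIZE:]:
        if hmac.compare_digest(hash_password(password, salt)[1], digest):
            return True
    return False

def policy_violations(password, forename, surname, history):
    """Return a list of the policy rules the candidate password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("length")
    classes = [
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    ]
    if sum(classes) < REQUIRED_CLASSES:
        problems.append("complexity")
    lowered = password.lower()
    if any(name and name.lower() in lowered for name in (forename, surname)):
        problems.append("account details")
    if in_history(password, history):
        problems.append("history")
    return problems

def is_expired(last_changed, today):
    """True once the password is older than the 42-day maximum age."""
    return today - last_changed > timedelta(days=MAX_AGE_DAYS)
```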


For the users this seems to be so much trouble especially when they feel that they only need their passwords to access their email or Company specific sites.


But there are so many other factors. Passwords give users access to their own folder on the file server where they are supposed to store all their personal files. Also access to the team's folders for access and storage of team specific documents. It authorises use of various printers depending on where in the organisation and which team they work. This can be so that they can print to the printers in their building and not print to somewhere 15 minutes walk away (although that does happen) but also so that their printing costs can be allocated to the right budget. Passwords give access to team storage folders. They will give access to areas of the SharePoint server (if it ever gets up and running properly). They allow users to VPN into the network.


All penny pinching, nit-picking rubbish designed to hinder the user of course! But then what about their personal development plans and reviews? Users get their own copy of that and in general store it on their personal drive on the file server. They wouldn't want to give their colleagues access to that I am sure. Or the emails calling their boss for every name under the sun at the end of a bad week. Or worse, the email their best mate sent only to them about that afternoon in the store cupboard with the maintenance manager. Of course, as IT bods we have access all areas and some of the things we see in people's personal folders are, I am certain, meant to remain private.


Then there is the issue of the team folders. You don't want everyone to have access to the HR team's folders to see references, pay scales, discussion meeting minutes for the latest employee. Nor do you want to allow everyone access to Finance with bank account numbers etc etc.


Then there are the people who want to believe they are doing it right. A newish member of staff called me in to help, so I went to her office and sat at her desk. She went out to get coffee whilst I was there. I needed to reinstall a couple of bits and whilst sitting waiting for the machine to start up and run a couple of updates I noticed the person's notebook next to the keyboard. Now, I am not the nosey type but there staring me in the face on the top page were obviously usernames and passwords. So I had a peek and sure enough on this page were account name and password for that person. User name and password and URL for logging into the finance system. User name and password for logging into the personal records system as well as a few others.


When the user came back I pointed this out and she said well there is so much to remember I need to write it down. I understand I said but look at it this way round. I have just come into your office and you have gone out of the office to get a cup of coffee for me cos you're a nice person. But you've left me here with your computer and all the passwords I need to cause no end of trouble or mischief. If you need to write it down I understand but do not let it out of your control, keep it in your handbag, purse, phone cover whatever just not out in open plain view.


To be fair to the person involved she got it straight away and wasn't put out by me putting my foot down with a firm hand. She tore the pages out of her notebook there and then and salted them away in her handbag.


Not all users are so accepting mind. They want to do things their way and their way only and any other way is wrong.


Security - It doesn't matter what the geeks say and do it's the general populace who are the most security lax and will always continue to be I believe.


