Anyone Else Want To Sue Over Grand Theft Auto?

Your Employees Don't Care About Keeping Your Computers Safe

from the well,-duh dept

Thu, Feb 16th 2006 11:26am — Mike Masnick

We've heard in the past that employees care a lot less about the security of their employer's computers than they do with their home computers -- and it's not like the average person is that careful with their home computer security either. It's also well known at this point, given study after study after study, that when approached on the street by friendly strangers, it seems security is the last thing on most people's minds. The latest study involves a stranger on the street handing out CDs to random people, telling them the discs contained a special "Valentine's Day Promotion." It seems like that should be plenty to set off warning bells -- but many people simply went to the office and dropped the CD into their computers... where instead of a Valentine's Day promotion, it sent the researchers a note, including where the person was. Plenty of folks at large companies, including financial firms, had no problem just dropping the CD into the drive and letting whatever was on it get installed. So, now all you malicious hacker types know how to get trojans installed inside big companies. Just dupe them with a CD and some story about a promotion. Of course, if the IT staff is any good at these places, it should prevent anything from installing, but that doesn't seem to be the case.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

41 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Dick Cheney, 16 Feb 2006 @ 11:32am

No Shit..
I dont care about my computer at work either.. thats what IT is for, if company skimps on IT, its not my fault they layed them off.. Anyway, when my computer is broken, its a break for me.

How bout a smoke break! YEY

didnt you see the commercial on TV, when the computers are broken, Its great!
[ link to this | view in chronology ]
- Steve, 16 Feb 2006 @ 11:56am
  
  policies
  "I dont care about my computer at work either.. thats what IT is for, if company skimps on IT, its not my fault they layed them off.. Anyway, when my computer is broken, its a break for me."
  
  You know, its that attitude that makes it so that IT has to lock down everything so you can't delete an icon on the desktop without someone's permission.
  
  Way to take one for the group.
  [ link to this | view in chronology ]
- dani, 16 Feb 2006 @ 12:09pm
  
  No Subject Given
  "I don't care about my computer at work..."
  
  And they're firing people for playing solitaire?
  [ link to this | view in chronology ]
- Polanski, 16 Feb 2006 @ 1:19pm
  
  Re: No Shit..
  Hey, Its funny, at the warehouse where I work the employees (mostly Polish) try to hack the computers here, its more like a contest, the reward is an extra long break.
  
  Its the funniest thing! Let me tell you, the workers win many times. HAHAHAHAHAHA
  
  So there is motivation to bring the computers down if you ask me. Anyway the don't pay good, so screw them.
  [ link to this | view in chronology ]
- IT GUY, 16 Feb 2006 @ 1:28pm
  
  Re: No Shit..
  See its that mentality that makes my job that much more annoying. Why the hell should I have to remove viruses/spyware daily from the same people's machine? It takes time away from my more important duties. I am the entire IT staff for my company, so you can see how time is quite valuable for me. Is it really asking too much to use a little caution, if not for your company's sake for my fellow IT workers out there.
  [ link to this | view in chronology ]
  - anon, 16 Feb 2006 @ 2:13pm
    
    Re: No Shit..
    I'm with you IT GUY. It's tough enough when you are the only one dealing with backups, network issues, people calling to sell you crap equiptment, licensing, installs, and hardware issues (for me that includes keeping up with warranties, but I hear that some places that is different). Those are pretty well duties that we in IT deal with everyday. Optionally, that could also include (depending on ancient company policies, a moron for a predessor, a moronic boss, or having a full fledged department of graphic artists)managing SQL, Exchange (or insert other retarded email program here), CRM, Mac computers, all of the graphic art programs that go with mac computers, all of the graphic art programs that go on PCs (we have both Mac and PC because we are a print shop and have to manipulate customer files, and the person heading up the art department has no standards on what types of file we take in), and on top of all that responsibility, some of us are also the helpdesk, company light bulb changer, and manager of some archaic phone system that no one remembers how to actually administer.
    
    I don't have time for my users to act fools, so I took away any basic rights they had with group policy and surf control the first week I took over. They only have access to the tools they NEED to do their job, and nothing more. I get at least one complaint a week about it, but that's not my problem...it's part of policy. Talk to your boss if you really need access to WMP or scankydates.com.
    [ link to this | view in chronology ]
    - IT GUY, 17 Feb 2006 @ 10:34am
      
      Re: No Shit..
      I took away any basic rights they had with group policy and surf control the first week I took over. They only have access to the tools they NEED to do their job, and nothing more. I get at least one complaint a week about it, but that's not my problem...it's part of policy. Talk to your boss if you really need access to WMP or scankydates.com.
      
      I would love if I could do that but unfortunately, my users are all commercial real estate brokers and need access to the web. Configuring a list of restricted/approved sites would take FOREVER.
      
      PC because we are a print shop and have to manipulate customer files, and the person heading up the art department has no standards on what types of file we take in), and on top of all that responsibility, some of us are also the helpdesk, company light bulb changer, and manager of some archaic phone system that no one remembers how to actually administer
      
      I also know where you are coming from on this one too. The art director here is a mac user but my company only has PCs, so she comes to me all the time asking me to do her job, along with mine. And as you said I am also the light bulb changer, furniture mover, and somehow I got stuck stocking my bosses personal refridgerator. And all that is on top of my normal duties. I need a raise... but im not gonna cry like a baby like alot of you did. I'm going to prove I deserve a raise by doing my job to the best of my abilities.
      [ link to this | view in chronology ]
      - Bob the Builderer, 9 Jun 2006 @ 9:28am
        
        Re: Re: No Shit..
        That's the spirit! Work hard and prosper. Sooner or later it will pay off. I bet you won't be like the dipshit who moaned about being an MCSE for 10 years and is making minimum wage.
        
        Proove your worth.
        [ link to this | view in chronology ]
- GrandDaddy, 16 Feb 2006 @ 2:14pm
  
  Re: No Shit..
  And there you have it folks.....the next voice you hear will be East Indian and the next job you have will be pushing a broom. Great Attitude!!
  [ link to this | view in chronology ]
Anonymous Coward, 16 Feb 2006 @ 11:36am

No Subject Given
"... where instead of a Valentine's Day promotion, it sent the researchers a note, including where the person was"

This seems vaguely illegal to me; or, maybe, I'm just confusing illegal with unethical.
[ link to this | view in chronology ]
Network Admin, 16 Feb 2006 @ 12:22pm

Policies
Well, from my point of view i do se why It locks the computers down and need current backups, because when things happen it's a break for them but for us it not. and the Bosses are after you to get it working since it's costing them alot more money then is to secure everything on the computer so the employes can only do what they are needed to. and cann't do anything esle.
[ link to this | view in chronology ]
CSM-Bobcat, 16 Feb 2006 @ 12:42pm

Wrong Paradigm
It would be better if the world at large stopped seeing "IT" as a mystical entity in and of itself. Business doesn't happen anymore without technology and the sooner we all realize that and accept some responsibility the better.

No one is expecting every employee to be a PC whiz but if, individually, we a little effort to gain at least a basic understanding of the technology we interact with the better off and more competitive our nation and respective businesses would be.

And to anyone thinking to themselves �they should pay me to learn��. I would suggest that you 1) shouldn�t have gotten the job in the first place, you aren�t qualified and 2) they are more likely to stop paying you at all and find someone more qualified.

[ link to this | view in chronology ]
Anonymous Coward, 16 Feb 2006 @ 12:43pm

No Subject Given
I'm alright with draconian policies on machines that belong to IT dept as long as theyll waive them for me
[ link to this | view in chronology ]
Me, 16 Feb 2006 @ 1:10pm

I don't care...
I'm one of the IT people in my company... I don't really care about the computers here either... then again I'm underpaid, under appreciated, don't care one rip about the place and would cheer just as much if the building burned down as I would for a raise.

That and if some virus destroys all the computers it gives me something to do other than stare at thousands of lines of code in a program because the boss wants to know why it does this. Also the only reason why anything in the program does that is because sometime long long ago he said make it do this.

If he takes my red stapler I'm gonna burn the place down.
[ link to this | view in chronology ]
- Jim, 16 Feb 2006 @ 1:26pm
  
  Re: I don't care...
  I also work in IT, My pay is crap, I feel like a slave, sometimes they try to sneek out of paying overtime.
  
  Im the only one there serving 200 employees, they are too cheap to get another IT guy to help out even tho them make millions, really I dont care if users mess up their computers and say loose important data, I still get paid $12 an hour, the only benefit of a messedup computer is that aththe end of the year the company throws them out and I get first dibs on taking whatever home I want thet they throw out.
  
  So go ahead and hack that computer, install as many viruses you want, maybe my boss (cocksucker) will get me a pay raise, or get me a helper like I should have for 200 users..
  
  in other workds .. its all good.
  
  [ link to this | view in chronology ]
  - William, 16 Feb 2006 @ 3:29pm
    
    Re: I don't care...
    Or he blames you for not being able to handle all the problems and fires you.
    
    Then convinces himself to hire the high school kid for minimum wage. The kid will do a worst job, but he saves a fortune on pay.
    [ link to this | view in chronology ]
  - William, 16 Feb 2006 @ 3:34pm
    
    Re: I don't care...
    Or he blames you for not being able to handle all the problems and fires you.
    
    Then convinces himself to hire the high school kid for minimum wage. The kid will do a worst job, but he saves a fortune on pay.
    
    And then the boss sees something shiney on the floor and convinces himself there is gold under the floor and has the entire staff help him dig.
    [ link to this | view in chronology ]
  - wolff000, 9 Jun 2006 @ 7:13am
    
    Re: Re: I don't care...
    I feel your pain. I too am the only IT guy to service 300+ pcs and around 12 servers plus the phone sytem, security system and UPS which means checking batteries charges and making sure a HUGE diesel generator is working. I could care less if the computers crash it gives me somthin to do other than the bs work.
    [ link to this | view in chronology ]
Cole, 16 Feb 2006 @ 1:15pm

Screw Work
we are forced to work to make a living... no wonder people don't care about their computers at work... they don't really want to be there... and their bosses or the company they work for might be losing money... but who cares... companies already make more money than they know what to do with... they're greedy and the big corporations pretty much control everything, so who cares about their stupid computers???
[ link to this | view in chronology ]
- Anonymous Coward, 16 Feb 2006 @ 1:22pm
  
  Re: Screw Work
  This is why you remove the CD drives from company computers and keep a portable one in the IT office for installs. That will stop 99% of problems like this. If an employee knows how to use a USB drive to do anything dangerous, chances are we are already have an eye on them.
  [ link to this | view in chronology ]
  - cole, 16 Feb 2006 @ 1:25pm
    
    Re: Screw Work
    suck my dick u honky tonk bitch!!!
    [ link to this | view in chronology ]
Dan, 16 Feb 2006 @ 1:27pm

Two Way Road
When companies start caring about our job security, we'll start caring about their computer security.
[ link to this | view in chronology ]
Computer Guy, 16 Feb 2006 @ 1:36pm

One Password for all
At my job my boss wants everyone to use one login and password for everyone so that he doesn't have to by anymore windows server licenses.

Just think how big of a headache this poses on me!

I am also underpaid.. and pushed around ..
[ link to this | view in chronology ]
CSM-Bobcat, 16 Feb 2006 @ 1:52pm

Slackers!
Better start learning chinese. With the work ethic you've all made so obvious its no wonder you don't get paid better. And it won't be long until some highly motivated non-US based individual takes your job (that you all have made clear you don't really want anyway).
[ link to this | view in chronology ]
- anon, 16 Feb 2006 @ 2:23pm
  
  Re: Slackers!
  CSM-Bobcat, when a company employs (and usually underpays...that's a subject for a different day though) only a single individual for IT, they usually do not have the money to send it overseas. I'd damn near be glad if mine went, because I would get my unemployment, get a certification in air conditioning or something equally mundane, and live the rest of my life without ever having to hear the phrase "I wasn't doing anything, it just happened".
  [ link to this | view in chronology ]
Adam, 16 Feb 2006 @ 1:54pm

Spyware like no other..
I noticed that employees of my clients don't care, biggest problems are Spyware and Viruses and Popup ads.

Most of this stuff is caused by online web based games, porn sites.

Since most of my clients are small businesses, I have installed Smoothwall Firewall with Content Filtering, works well against porn and illegal content sites, the problem is that there is not really good spyware protection out there, including spam.

We use Windows 2003 Small Susiness Server (Includes Exchange E-Mail) which is set to block executables and zip files, we usually lock down the desktop so that USB drives, CD players and floppy drives are disabled.

All work is saved on the server and backed up on tape and also Shadow Copy which allows you to get previous versions of lost work back without any tapes. We use security groups, encrypted folders and passphrases to login. If a coupter has gone down, we first try to roll it back to a previous date, if its really bad, we have a base image on the network that is easily reinstalled on the messedup computer in about an hour, and since everything is saved on the network, there is no data or e-mail loss.

Our mobile users use Treo 650 and 700w, Phones to sync email and calendar to the server over the air, this works quite well, and they usually dont waste time responding to e-mails As well as Blackberrys.

Nothing is fullproof but we do what we can and is available to take care of our client.

http://www.techroot.com
[ link to this | view in chronology ]
- frank, 16 Feb 2006 @ 2:13pm
  
  Re: Spyware like no other..
  adam wrote:
  "Since most of my clients are small businesses, I have installed Smoothwall Firewall with Content Filtering, works well against porn and illegal content sites, the problem is that there is not really good spyware protection out there, including spam."
  
  I work in IT for a company of about 100 employees. We are running a Panda Software Gatedefender 8100 and Panda Business Secure w/TruPrevent and I have NEVER had a spyware or virus problem on our workstations(I've been here 1 year).
  
  But yes, most employees moan and groan when there's restrictions but I'm not going to be fixing things they break.
  [ link to this | view in chronology ]
  - Adam P., 16 Feb 2006 @ 7:04pm
    
    Re: Spyware like no other..
    "I work in IT for a company of about 100 employees. We are running a Panda Software Gatedefender 8100 and Panda Business Secure w/TruPrevent and I have NEVER had a spyware or virus problem on our workstations(I've been here 1 year)."
    
    No Small business with 5-10 users wants to pay over $4000 for all that, anyway PC magazine (pcmag.com) rated the Panda Gatedefender poorly, this is why I use Smoothwall(free) all it takes is an old computer and 2 network cards, the software is free. The computer is usually free too. So the total cost is $0 + My Rate. (about 1 hour) = Everyone is happy.
    [ link to this | view in chronology ]
BirdFood, 16 Feb 2006 @ 1:59pm

Screw up the computer... No problem
I am the IT guy for 220 users; just me and my boss... whos screwups I get to fix too.
When I deploy a computer to a new luser I tell them that if the problem with their system takes me more than 15 minutes to fix I will wipe their system and they can start out fresh!! I don't care about their files and settings it only takes me 15 minutes to Ghost a new image.
[ link to this | view in chronology ]
- Computer Tech, 16 Feb 2006 @ 2:14pm
  
  Re: Screw up the computer... No problem
  sounds like something i would put in the acceptable use policy, making the employee liable if any company information gets out in the open.
  [ link to this | view in chronology ]
MCSE CERTIFIED 10 years experiance, 16 Feb 2006 @ 6:17pm

No Problems at all here!
I use group policies to restrict everything except Notepad, I also made windows boot right in to it, so we get no viruses or anything..

We don't even have the internet.

If you want to print anything you just jump on the typewriter. You know how much paper this saves!

Unfortunetly I only get minimum wage, so this is as much effort I will put in to my job.

[ link to this | view in chronology ]
- E. Nonimuss Howard, 9 Jun 2006 @ 9:24am
  
  Re: No Problems at all here!
  10 years experience and you're making minimum wage. Try another line of work or grow some balls and demand a raise. Hell, Mickey Ds paise more than minimum wage in the ATL.
  [ link to this | view in chronology ]
Computer Junky, 16 Feb 2006 @ 6:23pm

its not my fault
My boss is the one downloading illegal MP3's, Porn, software and other crap, I have to clean his computer every week.

1 retail copy of software runs on all computers. Its what my boss wants.

I work for a law firm. Imagine that ..
[ link to this | view in chronology ]
Uh Huh, 16 Feb 2006 @ 6:39pm

No Subject Given
As an over paid, and highly appreciated IT guy, I sympathize with some of you. I work for several companies, as a consultant. They would rather pay me exhorbitant hourly wages than have a full time IT Dept.

I say bless these virus makers and schmucks, I mean people that put out these viruses and bogus CD's!

You should see my Ferrari!
[ link to this | view in chronology ]
fredfrumppy, 16 Feb 2006 @ 8:54pm

user rights
as a user, i have no problem with restrictive policies because nothing is bulletproof, and if i want more rights, i know plenty of hacks that will get me them a lot faster than arguing with IT.
[ link to this | view in chronology ]
mark, 16 Feb 2006 @ 9:09pm

No Subject Given
All this crap is a direct result of the new business model I saw coming in the 70s...no loyalty to the staff that facilitates your moneymaking, so no loyalty to the company. Approaching retirement? Watch out, you'll be gone. Hell, I can't even get behind a company to buy fuel from. Not many companies are loyal to their customer base. Summer, its Texaco, Winter, now its a BP, Spring? They're all Shells! Crappy product? Find another somewhere else, you ingrate. No refunds!
[ link to this | view in chronology ]
Lim, 16 Feb 2006 @ 10:39pm

So Sad..
My boss doesn't know that I used to be a network admin for the last 10 years or I probly wouldn't be able to get this job, I work for a small office of 150 employees in the mail room. We have our own computer here to type labels and check email, the security is very lax on it and I can see all the servers. Passwords are usually written on a yellow stickey under the keyboard or next to the monitor at most users desks. Every user has local administrator rights. This means I can attach a USB hard drive. We have 1 computer "kid" also underpaid and so he can care less..

Just imagine the shit I can pull off..

[ link to this | view in chronology ]
Far east IT, 17 Feb 2006 @ 3:25am

Why do I care
2000+ users with no admin rights, but more than half of the users are G4-12 students. Locked everything, but every now and than i find another CS server running. We had to put padlocks on the computers because kids would take HDD out, get local admin rights and go nuts.

Underpaid, no funds for PD, but i still don't skimp on my work. I do excellent work, everyone is happy and my bonus is pat on the shoulder. As soon as someone offers more money i'll be out of there with everything i created. I keep most of my documentation and training manuals in my head. Screw them, let the next guy go and figure it out ant that will take some time. Untill than, they can go back to paper and pen
[ link to this | view in chronology ]
Chris H, 17 Feb 2006 @ 5:43am

No Subject Given
I wonder how many people reading this who have granted their users restricted rights have ever heard of an injection exploit and/or are using white listing on their domain.
[ link to this | view in chronology ]
TonyD, 17 Feb 2006 @ 6:16am

No Subject Given
Why should employees care about the security of their computers at work when it's obvious from the news lately that companies don't give a damn about securing their own data.
[ link to this | view in chronology ]
11B3VW8, 17 Feb 2006 @ 8:52am

Yikes..
Sounds like some of you should explore different jobs or career fields. Okay, maybe I'm just lucky. After working like a dog for a few years as a network admin supporting close to 3,000 users and over 100 servers, I'm now the single IT guy in a company of 18 users. And thats when everyone is in the office. We run latest greatest servers, desktops and OS's, lots of remote capability via mini notebooks, handhelds, blackberries, etc.. Solid firewalls, switches and so forth. The owner is not afraid to spend on technology.
Every user has dual 19" monitors as well. All user rights are 'power users', and except for interns all users are mature adults that don't need a lot of hand-holding or policing. We don't monitor web traffic but archive all emails. ALL work is saved to the network, and bunged up PC's are quickly re-imaged. Its rare we have an event with viruses, worms or trojans, but admittingly spyware is occassionally dealt with and carefully watched for.
The best part? I make my own schedule, day-to-day and long term technology planning. I get a very generous salary, 401 w/ profit sharing, health, and lots of perks, such as tickets to ballgames, theatre performances and so forth. Did I mention I'm only a high school graduate with a couple years of tech school? Yeah, I dug a LOT of IT ditches to get here...about 14 years worth..but ya know.. I'm in IT heaven now brother!
[ link to this | view in chronology ]

Hungarians Try An Electronic Watergate

Anyone Else Want To Sue Over Grand Theft Auto?

Follow Techdirt

Essential Reading

The Techdirt Greenhouse

Read the latest posts:

read all »

Techdirt Deals

Report this ad | Hide Techdirt ads

Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Friday
19:39	Important Announcement: Techdirt Is Migrating To A New Platform (0)

Your Employees Don't Care About Keeping Your Computers Safe

from the well,-duh dept

Reader Comments

No Shit..

policies

No Subject Given

Re: No Shit..

Re: No Shit..

Re: No Shit..

Re: No Shit..

Re: Re: No Shit..

Re: No Shit..

No Subject Given

Policies

Wrong Paradigm

No Subject Given

I don't care...

Re: I don't care...

Re: I don't care...

Re: I don't care...

Re: Re: I don't care...

Screw Work

Re: Screw Work

Re: Screw Work

Two Way Road

One Password for all

Slackers!

Re: Slackers!

Spyware like no other..

Re: Spyware like no other..

Re: Spyware like no other..

Screw up the computer... No problem

Re: Screw up the computer... No problem

No Problems at all here!

Re: No Problems at all here!

its not my fault

No Subject Given

user rights

No Subject Given

So Sad..

Why do I care

No Subject Given

No Subject Given

Yikes..

Techdirt Daily Newsletter

The Techdirt Greenhouse

Friday

More

Tools & Services

Company

Contact

More