Originally posted by Pogle
View Post
- Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
- Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!
Informing mgt their security is leakier than Luisa Zissman's fanny rag
Collapse
X
-
-
Post the information anonymously on the 'net and see the company sink, serves them right“Brexit is having a wee in the middle of the room at a house party because nobody is talking to you, and then complaining about the smell.”Comment
-
Originally posted by DaveB View PostThe key to getting management on board with security issues is to point how how it will either *save* them money if they fix it, or *cost* them money if they don't.
You have to couch it in business terms they will understand and see as relevant to them. Just telling them that they have a technical vulnerability in an application relating to a buffer over flow leveraging a cross site scripting exploit (or whatever the problem is) will not get them to take notice, even if they are the IT manager or Director. It will just irritate them.
You can also throw in the upcoming changes to legislation coming from Europe that will mean increased accountability for data security, introduce legal requirements to report data loss incidents with 24 hours and introduce new sanctions against those that fail to protect information appropriately.
Full review from a Specialist legal firm here: https://www.slaughterandmay.com/medi...ion-reform.pdf there are lots more if you look for them, all saying the same thing.
Email them the problem, the consequences, and, if you have one, the solution.
Couched professionally it should be rewarded rather than punished: and if it is the latter then walk.
My reputation and conscience would make it the only way to go - especially, as you intimate you don't want to stay there anyway.If it looks like a duck, walks like a duck, quacks like a duck,it must be a duckComment
-
Originally posted by northernladuk View PostSnorted my coffee reading this one!
Originally posted by MaryPoppinsI'd still not breastfeed a naziOriginally posted by vetranUrine is quite nourishingComment
-
Originally posted by mudskipper View PostOr a sockie. Didn't nob25 do the dude thing?Comment
-
as DaveB said.
Write a professional email highlighting the issues and their possible impact with rough idea of cost. Suggest if possible a solution and rough idea of cost & benefits.
there are plenty of good studies out there from people like Gartner / Forrester covering most common security issues. pick some nice scary & appropriate graphs.
the key point if their is a legal side is you reported it, saves you being the fall guy if the company gets caught.Always forgive your enemies; nothing annoys them so much.Comment
-
Originally posted by Gym beast View PostConundrum....
A) Righteously email management, which creates a electronic chain of evidence that by definition MUST be pursued, whipping up some discontent, risking antagonising HE WHO SIGNS MY TIMESHEETS, or;
B) Drop a quiet word in the meeting room, knowing full well if I tell them verbally, nothing will be done, then walk offsite in a few months with much fatter pockets, but knowing a big brand name who are in the business of safeguarding lives can't even completely safeguard their data?
WWYD ???
Either way unless you know exactly what you are talking about you are heading for hot water, I would do neither, I would have a quite word with InfoSec team and raise it to them, they will assess the actual risk as is their job, and if they raise it to management it will carry more weight than some contractor.Originally posted by Stevie Wonder BoyI can't see any way to do it can you please advise?
I want my account deleted and all of my information removed, I want to invoke my right to be forgotten.Comment
-
Comment
-
Originally posted by vetran View Postas DaveB said.
Write a professional email highlighting the issues and their possible impact
Dude, we've like totally got a problem with our data security. It’s like people could find out about the babes n stuff and that would be like most most heinous. If that happens I’d be like, “dude, i totally told you this would happen” and you’d be like “no way!” and I’d be like “way!”Comment
-
Originally posted by d000hg View PostDid you read about people snorting Coke and think "hey, any caffeinated beverage will suffice?"Originally posted by Stevie Wonder BoyI can't see any way to do it can you please advise?
I want my account deleted and all of my information removed, I want to invoke my right to be forgotten.Comment
- Home
- News & Features
- First Timers
- IR35 / S660 / BN66
- Employee Benefit Trusts
- Agency Workers Regulations
- MSC Legislation
- Limited Companies
- Dividends
- Umbrella Company
- VAT / Flat Rate VAT
- Job News & Guides
- Money News & Guides
- Guide to Contracts
- Successful Contracting
- Contracting Overseas
- Contractor Calculators
- MVL
- Contractor Expenses
Advertisers
Contractor Services
CUK News
- Streamline Your Retirement with iSIPP: A Solution for Contractor Pensions Sep 1 09:13
- Making the most of pension lump sums: overview for contractors Sep 1 08:36
- Umbrella company tribunal cases are opening up; are your wages subject to unlawful deductions, too? Aug 31 08:38
- Contractors, relabelling 'labour' as 'services' to appear 'fully contracted out' won't dupe IR35 inspectors Aug 31 08:30
- How often does HMRC check tax returns? Aug 30 08:27
- Work-life balance as an IT contractor: 5 top tips from a tech recruiter Aug 30 08:20
- Autumn Statement 2023 tipped to prioritise mental health, in a boost for UK workplaces Aug 29 08:33
- Final reminder for contractors to respond to the umbrella consultation (closing today) Aug 29 08:09
- Top 5 most in demand cyber security contract roles Aug 25 08:38
- Changes to the right to request flexible working are incoming, but how will contractors be affected? Aug 24 08:25
Comment