I agree with your point in regard to company's disaster recovery systems. Management should consider all security factors in selecting their disaster recovery system and maintain it well.
I found it very interesting to learn that so many companies that have disaster recovery systems are fully aware that the recovery system has major vulnerabilities and operating errors. What then is the point of having the system if it could fail when you need it the most? .
Harry,.
I think that you make an excellent point citing internal security as one of the main IT security issues of today. Employees have access to large amounts of important company information, what is to stop them from manipulating it if they become disgruntled? .
There are ways to try to minimize the internal security risk, but can it really ever be controlled? After working for a company for a period of time you get to know ways around the controls in place. The longer you work for a place the more intimately you become acquainted with the staff and working environment, the easier it should become for you to find ways around the controls in place.
Lu,.
I can honestly say that I have never changed my OASIS password, or any of my other passwords for that point. .
Class,.
I think a lot of interesting points have been made on this topic. IT security is very important, and should be taken very seriously. In thinking about this week's discussion and applying it to my life I have discovered many IT security lapses that I have never considered before. For example, most of my passwords for things like my email, school, online banking, and other various accounts are all the same. I set it up like that just so that I would never forget any of my passwords, and have to go through the hassle of dealing with customer service to access my account. However, I think that I will be fixing them after this lesson=).
Another example of an IT security lapse is one which a discovered at my current job.