Software is just one component of security

Dal blog ZDNet Open source, dopo che Citigroup, uno dei gruppi bancari più grandi del mondo, ha reso noto di aver smarrito alcuni nastri con i dati personali di 3,9 milioni di clienti durante il trasferimento con UPS.

Here’s an important lesson for everyone, whether you run Linux, Solaris, Windows, OpenBSD, Mac OS X, or MS-DOS — your customers’ data isn’t very secure when tapes carrying sensitive customer data go missing in transit.
This should serve a strong reminder: You can run any OS you like, apply every patch as soon as it comes out, enforce ridiculously strong passwords, keep your firewalls well-configured, and so forth. It all falls down when an organization has poor physical security or poor security processes. []

I dati registrati sui nastri erano in chiaro, zero crittografia.

[via ZDNet Open source Blog]

Comments are closed.