[Re: Loose Cannon: A Listful of Dollars, Direct Newsline, June 28, 2004]:
Too involved – they should just lock him in a room with a repeating soundtrack
“You’ve got mail! You’ve got mail! You’ve got mail!…”
Drives me nuts.
Stefanie Pont
Managing Partner
Pont Media Direct
Norwalk, CT
* * * * *
I am in total agreement with your opinion. In addition, a well-deserved poo-poo goes to the executives at AOL for not putting safeguards into place to prevent this from going so far. They should be fired too. This is not trivia, nor is it a game. Fire the execs and let others learn that you just can’t screw up and still get that bonus.
How long does it take to copy 92 million of anything, from a computer? Didn’t anyone wonder what this guy was doing with all that bandwidth or computer time? Here is a company (AOL), that demands an excruciating quantity of superfluous credentials for people to even get an interview yet can’t even do the basics to protect their customers identity and possibly the company’s future.
A simple fictitious, unique email address inserted for every email name prefix (a, b, c, etc.), would warn AOL immediately of funny things going on. Since the addresses would never receive email because they are not made public. Therefore, receiving an unsolicited email would have raised a red flag. And, this is just one way to safeguard.
As a follow up, if AOL created email addresses such as [email protected] and these addresses were monitored for incoming email for the purpose of identifying potential illegal activities then they could have known. Even though these “dummy”, (no play on words here), email addresses are real they would never be used on the internet. Therefore, for anyone to know the email address and send email to it would be doing it without AOL’s approval and most likely accomplished illegally.
Regarding stopping unauthorized copying of the file? The operative word here is “unauthorized”. This guy was in fact authorized to access and read the highly sensitive corporate file. Again, AOL blew it. Here the lowest guy on the totem pole is able to impact one of the most sensitive areas of a company’s daily operation. As a person who has built web servers and sites since before there was a yahoo.com or ebay.com, I can attest to the fact that security is not only an ongoing battle but an ever-changing one too. Unless companies such as AOL take a Machiavellian approach to dealing with people and business issues, they will continue to be compromised more so and often then they have to.
Pete Milano
The PM Report
Network
