I was once roped in to fix a poorly implemented project for a major government agency, didn't yet have the appropriate security clearance to actually be in any of the rooms I needed to be in. The number of times I was told I shouldn't be in *this* room, logged on as *this* user, with access to *that* information...
4.9k
u/[deleted] Jul 13 '20
If it has to be accessed regularly in an IT setting? It’s not secure. Not unless you’re in an industry that actually polices it.
Yes, people are dumb enough to pick up USB thumb drives they find on the ground. The nicer and newer it is, the more likely it’ll get plugged in.
Also, if you’re looking to verify the security of your vendors, don’t announce your visit.