Comments on: Not Good Enough Stories… http://www.cleverworkarounds.com/2008/09/01/not-good-enough-stories/ After much frustration, it seems DEFAULT is the way to go... Tue, 27 Jul 2010 11:20:51 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: admin http://www.cleverworkarounds.com/2008/09/01/not-good-enough-stories/comment-page-1/#comment-2041 admin Mon, 01 Sep 2008 20:04:14 +0000 http://www.cleverworkarounds.com/2008/09/01/not-good-enough-stories/#comment-2041 That is an absolute beauty Mark. This recent one was good too, since it was a hosting company that painted itself as specialists in Windows/Shareoint hosting.. http://www.cleverworkarounds.com/2008/08/25/all-in-the-name-of-security/ That is an absolute beauty Mark. This recent one was good too, since it was a hosting company that painted itself as specialists in Windows/Shareoint hosting..

http://www.cleverworkarounds.com/2008/08/25/all-in-the-name-of-security/

]]> By: Mark Miller http://www.cleverworkarounds.com/2008/09/01/not-good-enough-stories/comment-page-1/#comment-2033 Mark Miller Mon, 01 Sep 2008 16:44:37 +0000 http://www.cleverworkarounds.com/2008/09/01/not-good-enough-stories/#comment-2033 I was working with a client on site that was sharing data across 5 different locations in the United States... very, very proprietary data needing high security. The owner of the project wanted a private area for keeping track of notes on the personnel working on the project. The owner came to me one morning, ashen faced. "You told me this thing was secure!" One of the team members had accessed the private area and read things about himself. WTF? I jumped in immediately to track down what had happened. I knew the implementation was secure. I had configured it myself and it had been running smoothly for months. It turns out, the company running the server management had ported everything over to a new implentation during an upgrade and "overlooked" the security settings as part of the migration. Their response, literally, was "Well you never let us know you had secure areas." My stomach still drops when I think about it. Mark I was working with a client on site that was sharing data across 5 different locations in the United States… very, very proprietary data needing high security. The owner of the project wanted a private area for keeping track of notes on the personnel working on the project.

The owner came to me one morning, ashen faced. “You told me this thing was secure!” One of the team members had accessed the private area and read things about himself. WTF?

I jumped in immediately to track down what had happened. I knew the implementation was secure. I had configured it myself and it had been running smoothly for months.

It turns out, the company running the server management had ported everything over to a new implentation during an upgrade and “overlooked” the security settings as part of the migration. Their response, literally, was “Well you never let us know you had secure areas.”

My stomach still drops when I think about it.

Mark

]]> By: admin http://www.cleverworkarounds.com/2008/09/01/not-good-enough-stories/comment-page-1/#comment-2017 admin Mon, 01 Sep 2008 12:12:51 +0000 http://www.cleverworkarounds.com/2008/09/01/not-good-enough-stories/#comment-2017 Whoa 1991 Paul - your almost as old as me! ... and I started on VMS/HPUX too :-) Whoa 1991 Paul – your almost as old as me! … and I started on VMS/HPUX too :-)

]]> By: Paul Galvin http://www.cleverworkarounds.com/2008/09/01/not-good-enough-stories/comment-page-1/#comment-2016 Paul Galvin Mon, 01 Sep 2008 11:44:31 +0000 http://www.cleverworkarounds.com/2008/09/01/not-good-enough-stories/#comment-2016 I caused myself a headache a bit like this once and blogged about it here: http://paulgalvin.spaces.live.com/Blog/cns!1CC1EDB3DAA9B8AA!520.entry I caused myself a headache a bit like this once and blogged about it here: http://paulgalvin.spaces.live.com/Blog/cns!1CC1EDB3DAA9B8AA!520.entry

]]>