When over-zealous support reps censor customer passwords
Thursday, August 28th 2008 @ 1:15 AM (not yet rated)
in this BBC News story (click HERE), an unhappy Lloyds TSB bank customer had set his own telephone banking security password to be an apparently derogatory phrase about the bank - "Lloyds is pants". (I have to ask for input from Brits on exactly where the phrase came from - I suspect not David Letterman...) Subsequently, he discovered that it had been changed by a bank employee to "No it's not".
Furthermore, when talking with a customer service agent (perhaps the same person?) the customer suggested some other phrases that were then deemed by the agent to be inappropriate - including "Lloyds is rubbish" and "Barclays is better". This begs the question, "How did he manage to get it set to 'Lloyds is pants' in the first place?"
The story is worth reading in its entirety, especially to appreciate the deliciously British tone in which it is written.
The whole thing makes me wonder about more public statments. What would your Department of Motor Vehicles have to say when you request a vanity license plate that reads, "DMV SUCKS"? What other funny situations might arise with other services or products?
It's one thing to have a policy that censor's client input on publicized comments, such as in blogs or articles. It's another to allow employees to make policy up on the fly about acceptable content. It's still another issue entirely to censor private security phrases. This can obviously lead to downright ridiculous situations such as this one.
So, why not get on the bandwagon and take action to ensure that your support people know your security policies by hiring us to do some anonymous testing? (Click HERE to see the Streetwise Security Marketplace)
| | I am now offering monthly briefings, tailored to organizations that want to build and sustain security awareness for staff. Just because your security team is too busy to do its own training and awareness doesn't mean you can't have an economical way to address human security risks. Please call or email me at the coordinates below...
Scott Wright
The Streetwise Security Coach
Join the Streetwise Security Zone at:
http://www.streetwise-security-zone.com/join.html
Phone: 1-613-693-0997
Email: scott@streetwise-security-zone.com
Twitter ID: http://www.twitter.com/streetsec
To receive weekly security tips and other notices about helpful content available on this site, please make sure you are on my list by clicking HERE, and entering your name and email address.
 |
Creative Packing Materials 101
Friday, August 22nd 2008 @ 7:02 AM (not yet rated)
This one deserves honorable mention. According to ABC news today, a Texas company was caught using torn up "negotiated checks" as packing material. Click HERE to see Rebecca Herold's take on the story.
What's next, torn up credit card receipts?
| | I am now offering monthly briefings, tailored to organizations that want to build and sustain security awareness for staff. Just because your security team is too busy to do its own training and awareness doesn't mean you can't have an economical way to address human security risks. Please call or email me at the coordinates below...
Scott Wright
The Streetwise Security Coach
Join the Streetwise Security Zone at:
http://www.streetwise-security-zone.com/join.html
Phone: 1-613-693-0997
Email: scott@streetwise-security-zone.com
Twitter ID: http://www.twitter.com/streetsec
To receive weekly security tips and other notices about helpful content available on this site, please make sure you are on my list by clicking HERE, and entering your name and email address.
|
