Penetration Testing mailing list archives
Re: [PEN-TEST] Testing a "rogue site"
From: Peter Van Epp <vanepp () SFU CA>
Date: Fri, 8 Sep 2000 19:19:07 -0700
Hi folks! I've got an interesting scenario/case study here. Very recently, there was a slight organizational change in our company and two out of town sites became added to our "circle of responsibility". Although they were added, company politics prevents us from dictating any IT policy to these new sites.
Then common sense dictates that you don't have any responsibility for their security either since that would make this a classic "responsibility without authority" situation and the solutions are basically obtain the authority to go with the responsibility or decline the responsibility (which may turn in to option 3) or that always valid third choice find a job with someone with a clue that doesn't try the "responsibility without authority" stunt. Security people are very marketable if the offers I get are any indication. Previous experience indicates bozos aren't worth working for conversely think hard before leaping from a non bozo environment, money certainly isn't everything, and is often an indication of a high bozo factor ... A security policy would also be a good first step should you decide to stay (and probably a good bellweather of whether you should stay ...).
Current thread:
- [PEN-TEST] Testing a "rogue site" Kelly, Mike (Sep 08)
- Re: [PEN-TEST] Testing a "rogue site" Peter Van Epp (Sep 09)
- Re: [PEN-TEST] Testing a "rogue site" Missy, E (Sep 10)
- <Possible follow-ups>
- Re: [PEN-TEST] Testing a "rogue site" Mitch James (Sep 08)
- Re: [PEN-TEST] Testing a "rogue site" Rich Richenberg (Sep 08)
- Re: [PEN-TEST] Testing a "rogue site" Alexander Sarras (SEA) (Sep 11)
- Re: [PEN-TEST] Testing a "rogue site" Karyn Pichnarczyk (Sep 11)
- Re: [PEN-TEST] Testing a "rogue site" Missy, E (Sep 12)
- Re: [PEN-TEST] Testing a "rogue site" Wandering One (Sep 13)
- Re: [PEN-TEST] Testing a "rogue site" Karyn Pichnarczyk (Sep 11)
- Re: [PEN-TEST] Testing a "rogue site" Peter Van Epp (Sep 09)
- Re: [PEN-TEST] Testing a "rogue site" Meritt, Jim (Sep 11)
- Re: [PEN-TEST] Testing a "rogue site" Alexander Sarras (SEA) (Sep 13)