I see several folks talking about the risk in social engineering, what are the metrics in this situation ? If the installation was the CIA or FBI or DOD , i can understand the issue...I can understand from the Banking and Stcok Brokerage angle, been there done that. But to what degree is this an issue ?
Scott J Ford Software Engineer http://www.identityforge.com From: Bill Johnson <mellonb...@yahoo.com> To: IBM-MAIN@bama.ua.edu Sent: Thursday, July 28, 2011 3:14 PM Subject: Re: disclosing "business" information on the internet In our shop, we can't even use our work email address to subscribe to the listserv, emails from it are blocked. ________________________________ From: Frank Swarbrick <frank.swarbr...@efirstbank.com> To: IBM-MAIN@bama.ua.edu Sent: Thursday, July 28, 2011 2:20 PM Subject: disclosing "business" information on the internet Here's something that I think may be of general interest. Our information security officer sent the following to my manager: "The content Frank is positing does not appear to be specific to our environment. However, I am concern by the fact he posts his position, where he works, and phone number. This creates some social engineering risk, as well as discloses information about the operating systems we use. Who can I talk with to ask Frank to remove information related to where he works on this conversation thread and future ones?" Are these concerns justified or just paranoia? I like posting this information because I've received useful contacts and information based on it. I'm curious what policies other businesses have. Frank -- Frank Swarbrick Applications Architect - Mainframe Applications Development FirstBank Data Corporation - Lakewood, CO USA P: 303-235-1403 >>> The information contained in this electronic communication and any document attached hereto or transmitted herewith is confidential and intended for the exclusive use of the individual or entity named above. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering it to the intended recipient, you are hereby notified that any examination, use, dissemination, distribution or copying of this communication or any part thereof is strictly prohibited. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy this communication. Thank you. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
