Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Evan Schuman: Starbucks sat on its clear-text password problem for months

Evan Schuman | Jan. 20, 2014
The company is dancing around the question of what it knew and when it knew it, but the security problem was not a revelation for it this week.

Let's say a page on your website has been taken over and is showing obscene images. If someone wants to contact you who can show your people the exact affected pages and offer suggestions as to the nature of the problem, is there a prominent link on your site to direct them to the right contact? If such a call comes in, will your people know to immediately put the call through to the relevant department and keep trying different people until someone answers?

This is where small companies have a huge advantage. Whoever answers the phone in a 40-employee company will likely know who handles what or at least who would know the best person to field the call. But in a company with 400,000 employees, it's a much harder task.

Suggestion: Why not send a memo to all of the people who answer these calls saying that if anyone says they have information about IT, mobile, security or the website, they should be put through? For every 50 nuisance calls that get through -- and those calls are generally easy to identify in fewer than 30 seconds -- there could be one with information that's vital to the company.


Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.