April 19th, 2006, 07:19 AM
Credit cards and email: Seriously Worrying
When typing some emails for my boss recently, I was alarmed to find a request for a credit card number. I consulted him and made him aware of the security risk involved, however he assured me that everyone was doing it and that it was safe. I told him that people with physical access to the machines at the internet service provider could easily access these numbers as the emails were unencrypted. He told me to include other options such as ph/fax that the customer could optionally use. As I previously said, there are many people doing this. How can we make people understand that unencrypted email is completely insecure?
Cereal: Eaten at all times of the day.
April 19th, 2006, 07:34 AM
I suppose you could set up a demonstration with a packet sniffer for people in your own organization.
For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
(Romans 6:23, WEB)
April 19th, 2006, 08:22 AM
When their bank account has been emptied and their credit card used to purchase child pornography, they will probably take the hint.
How can we make people understand that unencrypted email is completely insecure?
When you log into an online store, why does it take you to a secure connection? to make payment.
Why does your system put up a warning message when you are about to send data over an insecure connection? (unless you disable it)
This may help, as would a telephone call to their bank or credit card customer services department.
April 19th, 2006, 12:12 PM
There are a number of ways to get this message across. An effective awareness program would be beneficial to your organization.
Do things like posters, pencils and other novelties. Believe it or not, these low cost approaches do the job nicely.
Please note that awareness is not the same as training.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
April 19th, 2006, 04:35 PM
Nice little discussion on email from a banking site:
“Everybody is ignorant, only on different subjects.” — Will Rogers
April 19th, 2006, 04:54 PM
Have you considered using one of these?
Works every time for me!
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu
, The Art of War