× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  • Subject: Re: ALL OBJect- Hey what do you think Wayne O Evans? MR. Security I know ...
  • From: MacWheel99@xxxxxxx
  • Date: Thu, 14 Sep 2000 17:30:17 EDT

Thanks Marie ... you have done an excellent job of translating from the 
technical language to real life terms understandable to anyone who does not 
understand security - should but has abdicated that responsibility.

A developer who is given full access to our corporate systems can also play 
the role of an embezzler ... enter a dummy vendor ... enter dummy debts ... 
set up the system to send off payments to the dummy vendor (developer secret 
account).

Mischef for the ERP lists ... we talk a lot about bugs & stuff not working 
right ... we could add a possible to the list of suspects ... perhaps the 
stuff is messed up because of combination of poor security & a bad apple at 
the vendor business partner.

When outside vendors have authority to do anything they wish on our system, 
there ought to be some kind of checks & balances outside of the system to 
identify payroll checks paid to people not on our payroll & stuff like that, 
not that I would suspect any of the employees of the fine consultants who 
have helped us over the years, but it only takes one bad apple, or one 
Business Partner penetrated by a hacker, to do serious damage.  What are the 
odds of either one event & how many clients at risk from the one event?

In fact, precisely because of the poor security delivered by many vendors, 
this increases the windows of opportunity for inside embezzlement, so such 
checks & balances are needed for most ERP clients today & I betcha most of 
them do not have any such protection.

Al Macintyre  ©¿©

> From: mgraziano@badgermeter.com (Graziano, Marie)
>  
>  Let me ask everyone out there.!
>  
>  Please give me your credit card number and then also you check book id.
>  *  I wont use it, I just need it to put into a data base so I can write
>  programs on how to use credit cards and what they can do for people and how
>  many people have credit cards and check books.
>  Oh! and yes, you would not mind if I shared this with an internet chat room
>  so they could test my program in production for me.
>  
>  THINK everyone!  Our companies DATA is confidential and our business 
systems
>  run our companies.  If we are a public company then by GOD you must not 
have
>  anyone able to manipulate your data, assume authority or know your 
security.
>  That is why most of us have a Security officer

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.