... that might explain why my wife's OECD laptop has just had :
- Admin rights removed
- A decent password policy put in place
- A bunch of extra GPO stuff to apply security updates at each connection.
The words 'horse', 'gate', 'bolted', 'close' and 'after' spring to mind. If anyone from the OECD is reading this, can I also suggest mandatory 2-factor authentication for the corporate VPN... and maybe some organisation-wide education about the dangers of post-it notes and sellotape.