Reply to post: Re: S3

Silk road adviser caught, Kaspersky sues Dutch paper, and Vietnam's tech clampdown

Pascal Monett Silver badge

Re: S3

I propose this scenario :

An internal IT jockey has a project and needs to test some functionaity. He goes to his boss and gets approval for a bucket. He loads demo data on it, nothing important or critical, no customer data. Security is not important, testing functionality is, so he keeps his life simple and doesn't lock anything down.

He does his tests, bugs out and leaves the bucket for another round of testing later on.

Meanwhile, pentesters happen upon the bucket, alert the meadia, articles screaming bloody murder are written, and the IT guy quietly activates security on the bucket thinking "bloody hell, what a lot of hot air for nothing".

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon