Case Study:
Security Assurance, Hah!
“If I have to goto one more employee meeting about security policy, I’m going to scream. The managers talk about threats, and safeguards, and risk, and uncertainty, and all the things they want us to do to improve security. Has any manager ever watched people work in this department? “Walk through the cubicles here and watch what is happening. I’ll bet half the employees are using the password they were assigned the day they started work. I’ll bet they’ve never changed their password, ever! And for the people who have changed their passwords, I’ll bet they’ve changed them to some simpleton word like ‘Sesame’ or ‘MyDogSpot’ or something equally absurd. “Or, open the top drawer of any of my coworkers’ desks and guess what you’ll find? A little yellow sticky with entries like OrderEntry: 748QPt#7ml, Compensation: RXL87MB, System: ti5587Y. What do you suppose those entries are? Do you think anyone who worked here on a weekend wouldn’t know what to do with them? And the only reason they’re in the desk drawers is that Martha (our manager) threw a fit when she saw a yellow sticky like that on Terri’s monitor. “I’ve mentioned all this to Martha several times, but nothing happens. What we need is a good scare. We need somebody to break into the system using one of those passwords and do some damage. Wait—if you enter a system with a readily available password, is that even breaking in? Or is it more like opening a door with a key you were given? Anyway, we need someone to steal something, delete some files, or erase customer balances. Then maybe the idiotic management here would stop talking about security risk assurance and start talking about real security, here on the ground floor!”
Q1. Summarize the point that this contrarian is making.
Q2. What do you think Martha should do about the points he makes? Surmise why nothing has been done to this point.
Q3. Explain three ways that our contrarian could make his point more effectively.
Q4. We’ve now heard from numerous contrarians. What do you think about them? What are the advantages of having a contrarian in a group or meeting? What are the disadvantages?
Q5. Contrarians can be amusing, and they often make excellent points, but they become tiresome. Using your answers to question 4, explain why that is. What would drive you to the point of becoming a contrarian? What other strategy could you employ?
Your answer must be typed, double-spaced, Times New Roman font (size 12), one-inch margins on all sides, APA format and also include references.