November 4, 2016 at 1:12 pm
ZZartin (11/4/2016)
Steve Jones - SSC Editor (11/3/2016)
ZZartin (11/2/2016)
I don't feel it's the job of IT to play vigilante and hunt down people potentially abusing the system, unless you work in InfoSec and are just an evil person.As a sysadmin, I always think about where I might compromise, or another sysadmin might, and I try to build in checks that are independent of me or any one person.
IT systems could have notified customers, which is the idea.
This might be what I disagree with, my job is to work with technology processes not business processes.
I don't have a complete understanding of why certain business processes are in place or even an understanding of what is technically legal and if I started worrying about it or trying to enforce what I happen to feel is right I would A) have no time to do my actual job B) likely find myself unemployed.
There are certainly a huge amount of checks IT could put in place if that's what the company wants them to do.
This isn't about me enforcing what I think it legal. Legal is separate. I do what I think enables systems to work well if the people fail. I worry about rogue admins, so I try to account for that with some checks. Not perfection, but ways to ensure someone is notified of issues.
In terms of IT notifying customers, that wouldn't be my decision. However, the business should have decided users need to be notified of changes. This is likely a legal requirement, so IT applications should be doing this.
November 5, 2016 at 10:11 am
This article has me wondering about my own account. I have an account with Wells Fargo. Naturally they've been sending out emails saying things like they're sorry, what happened doesn't reflect their goals for their relationship with their customers, etc. i.e. they're doing damage control. But what I'd really like to know is this; how can I tell whether or not my account was one of those that was used for this fraudulent activity?
Rod
November 6, 2016 at 10:39 am
Doctor Who 2 (11/5/2016)
This article has me wondering about my own account. I have an account with Wells Fargo. Naturally they've been sending out emails saying things like they're sorry, what happened doesn't reflect their goals for their relationship with their customers, etc. i.e. they're doing damage control. But what I'd really like to know is this; how can I tell whether or not my account was one of those that was used for this fraudulent activity?
AFAIK, all the activity was under the customer's name, so you should be able to ask for a list of your accounts, or do an "add" in the web app and see if there are accounts you don't expect.
November 7, 2016 at 8:20 am
Steve Jones - SSC Editor (11/6/2016)
Doctor Who 2 (11/5/2016)
This article has me wondering about my own account. I have an account with Wells Fargo. Naturally they've been sending out emails saying things like they're sorry, what happened doesn't reflect their goals for their relationship with their customers, etc. i.e. they're doing damage control. But what I'd really like to know is this; how can I tell whether or not my account was one of those that was used for this fraudulent activity?AFAIK, all the activity was under the customer's name, so you should be able to ask for a list of your accounts, or do an "add" in the web app and see if there are accounts you don't expect.
OK, thanks Steve.
Kindest Regards, Rod Connect with me on LinkedIn.
Viewing 4 posts - 31 through 33 (of 33 total)
You must be logged in to reply to this topic. Login to reply