Stupid user tricks: IT admin follies

IT heroes toil away unsung in miserable conditions -- unsung, that is, until they make a colossally stupid mistake

Soup of the day: Social Security numbers

Incident: Throw a bag of the finest steaks into a piranha-infested river, and you've got no right to complain when the fish make quick work of it.

In a sense, that's what happened when a 15-year-old freshman at Downingtown West High School stumbled upon, then copied files containing highly sensitive personal information -- including Social Security numbers -- of roughly 41,000 current and former students, families, and other town residents.

Similar because, as the district admits, the sensitive data was placed in a completely unprotected part of the school's computer network by a member of the district's IT staff. More than that, the admin had stored the files in a network segment to which students had access.

Whereas the student was charged with three felonies and one misdemeanor computer crime for copying information left nearly in plain view, the admin is considered guilty of nothing more than a brain-dead IT gaffe.

For what it's worth, the town's police determined that the student merely copied the data to a portable drive and gave only one copy to another student, who is cooperating with the police. That hasn't dampened the witch hunt, however, as several parents and residents are calling for the student to serve jail time.

Why the district was collecting the Social Security numbers of residents for the purpose of sending them newsletters, however, has not come under scrutiny. Nor has the lack of safeguards IT placed on that information.

So negligent was the IT handiwork that, according to school district spokeswoman Pat McGlone, the student "did not need to crack any passwords, evade any firewalls, or blow down any doors, so to speak. He just simply needed to be curious and bored," as Will Hobson wrote in the Philadelphia Inquirer.

And if boredom is all it takes for a teenager to expose 41,000 Social Security numbers, you know your approach to IT isn't smart.

Fallout: Fortunately for the student, cooler heads prevailed at the Chester County Deputy district attorney's office. The student won't face prison time. The district, on the other hand, has had to scramble to send out 16,600 letters to residents warning them about the potential for identity theft and has rushed to better secure its network and this sensitive data.

Moral: Maintaining a highly sensitive database requires encryption -- especially where bored teenagers are allowed to roam. In fact, keep your stored Social Security numbers off the cafeteria lunch menu portal altogether. Oh, and rather than just pillory a tech-savvy 15-year-old for taking advantage of an open door to sensitive personal data, lay equal blame on the IT worker, as well as the person in charge of collecting and protecting the database.

Join the PC World newsletter!

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Andrew Brandt

InfoWorld

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?