Prev: Why is UKRM more active than Reeky?
Next: Hopefully ...
From: B 650 on 20 Nov 2009 06:40 TOG(a)Toil wrote: <snip> > I don't mind how the payslips and their info are communicated to us as > employees. What worries me is the insistence that the only way to keep > a payroll record (with all its sensitive data such as NI number) > henceforth is on your personal PC. Not a work PC, behind a corporate > firewall, but on a rather more vulnerable device. There's this generally held belief that corporate networks are far more secure than home networks. My work is server security, and I'm regularly faced with the "but it's on our internal LAN, behind the firewalls, so it is secure" argument. I point out that there are best part of 100,000 people who have access to that network so, no, it is *not* secure. Your home network will likely have a small handful of people on it, who you would sincerely hope do not have any malicious intent with your personal data. Your work network will have many more people who have more motivation to access your payslip and use it for a purpose for which it was not intended. Internet nastiness is internal as well as external -- D
From: TOG on 20 Nov 2009 07:20 On 20 Nov, 11:40, B 650 <dunc.on.use...(a)gmail.com> wrote: > TOG(a)Toil wrote: > > <snip> > > > I don't mind how the payslips and their info are communicated to us as > > employees. What worries me is the insistence that the only way to keep > > a payroll record (with all its sensitive data such as NI number) > > henceforth is on your personal PC. Not a work PC, behind a corporate > > firewall, but on a rather more vulnerable device. > > There's this generally held belief that corporate networks are far more > secure than home networks. My work is server security, and I'm > regularly faced with the "but it's on our internal LAN, behind the > firewalls, so it is secure" argument. I point out that there are best > part of 100,000 people who have access to that network so, no, it is > *not* secure. > > Your home network will likely have a small handful of people on it, who > you would sincerely hope do not have any malicious intent with your > personal data. Your work network will have many more people who have > more motivation to access your payslip and use it for a purpose for > which it was not intended. > > Internet nastiness is internal as well as external > Very good point. But why increase the risk by having the details on intranet *and* home machines which are much more vulnerable to external attack that corporate systems?
From: Jim on 20 Nov 2009 07:30 TOG(a)Toil wrote: >> Your home network will likely have a small handful of people on it, who >> you would sincerely hope do not have any malicious intent with your >> personal data. Your work network will have many more people who have >> more motivation to access your payslip and use it for a purpose for >> which it was not intended. >> >> Internet nastiness is internal as well as external >> > Very good point. But why increase the risk by having the details on > intranet *and* home machines which are much more vulnerable to > external attack that corporate systems? In the near future there will be companies that will manage this for you - you'll be able to get your payslips, bank statements, utility bills all stored securely online.
From: 'Hog on 20 Nov 2009 07:32 Jim wrote: > TOG(a)Toil wrote: >>> Your home network will likely have a small handful of people on it, >>> who you would sincerely hope do not have any malicious intent with >>> your personal data. Your work network will have many more people >>> who have more motivation to access your payslip and use it for a >>> purpose for which it was not intended. >>> >>> Internet nastiness is internal as well as external >>> >> Very good point. But why increase the risk by having the details on >> intranet *and* home machines which are much more vulnerable to >> external attack that corporate systems? > > In the near future there will be companies that will manage this for > you - you'll be able to get your payslips, bank statements, utility > bills all stored securely online. You already can! -- Hog
From: Jim on 20 Nov 2009 07:34
'Hog wrote: >>>> Internet nastiness is internal as well as external >>>> >>> Very good point. But why increase the risk by having the details on >>> intranet *and* home machines which are much more vulnerable to >>> external attack that corporate systems? >> >> In the near future there will be companies that will manage this for >> you - you'll be able to get your payslips, bank statements, utility >> bills all stored securely online. > > You already can! TOG doesn't though. The tipping point will come when a company like Google starts doing deals with the banks and utility companies to bring it all into one place for you rather than having to upload stuff yourself. |