According to a study performed by a company called Cyber-Ark, one out of every three Information Technology (IT) professionals surveyed (total surveyed equaled 300 people) admitted to using their high security log in accounts and passwords to access confidential employee information (such as private e-mails, salary information, and board-meeting minutes).

What this means is that if this survey is truly representative of IT employees (and one has to be very cautious here as only 300 people were surveyed), your personal information at your place of employment may very well be being accessed by people who have no real reason to do so.

You can find the original story here: http://www.msnbc.msn.com/id/25263009/.

The Paladin finds this to be a terrifying statistic (again keeping in mind that only 300 people were surveyed…not a scientific sample by any stretch of the imagination). What this means is that at your place of work you must consider that anything you do electronically is not private at all.

Now, the Paladin has worked for companies in the past that indicated in their employee manual the following:

• That absolutely NOTHING the employee does on company computer equipment should ever have an expectation of privacy.
• That the employee should assume that all phone calls are being monitored.

Now, this was somewhat surprising because the company that the Paladin worked for HAD NOTHING TO DO WITH NATIONAL DEFENSE!

In fact, he worked for a major automotive supplier!

Anyway, the point being that personal privacy at your work is rapidly disintegrated, but the worst part about this report, if it is confirmed for a majority of IT professionals, is that you may be being spied upon without your knowledge.

Perhaps the moral of this story should be that unless you are using your own equipment on your own network, you should always assume that your communication may not be private (and even then, you cannot be sure your communication is private once the data leaves your own network).

As you know, MyComputerPaladin.com is dedicated to giving you the knowledge and tools to protect your computer and your sensitive information from those who would abuse it (see our About page). To that end, we provide technical information that is aimed at being understandable by the common man and woman so that you yourself can make an informed decision about your computer defense needs.

Even though we list Windows Live OneCare as a product on this site (which we do for completeness, seeing as we know that many people depend on Microsoft products for their day-to-day computing needs), the Paladin wants to go on record as to why he so vehemently opposes this product and would advise you, the computer owner, to choose a different tool. His complaint about this product has nothing to do with the quality of the product, but is related to business conflicts as well as standard software design principles.

First, the Paladin feels that there is a HUGE conflict of interest here regarding this service.

Microsoft, the maker of Live OneCare, is also (as you most undoubtedly know) the maker of the operating system for which you would use this service (i.e. Windows, and all of its variations). The services that Microsoft are attempting to sell to you are:

• services that should already exist in your rather expensive copy of Windows in the first place
• services that fix problems in Windows that again should be part of Windows…not a “paid-for” add on
• are part of a business model that only encourages Microsoft to turn out poor versions of Windows in order to “double dip” the end user (that’s you!) by making you buy a service that fixes problems that they did not fix in their original product in the first place

The Paladin feels that this type of business arrangement does nothing to encourage Microsoft to turn out a better product.

Second, the very nature of software development (of which the Paladin is a 25+ year veteran with Bachelor’s and Master’s degrees in the field) is that it is always better to have more people looking at a software solution than fewer. For example, when software is created by a developer, you always want someone other than the original developer to spend time testing it (the original developer should test as well!). The issue is that someone other than the developer is more likely to try things the original developer never thought of, and thus, would never test.

By going with a product other than the one made by Microsoft (which has a horrific track record in turning out secure software anyway), you get an entire company of developers from a different background looking at the computer defense side of the Windows Operating System.

To the Paladin, this makes the most sense by far in securing your data and defending your computer.

Give it some thought…but then choose what YOU believe to be the best solution for your computer defense needs.

We keep hearing about this over and over again in the news. Some large corporation suffers a security breach, putting people’s personal information (social security numbers, credit card numbers, bank account numbers, etc.) at risk. With the growing illegal business of identity theft, we are likely going to see more and more of this.

As the Paladin has repeatedly alluded to, computer defense and data security are every bit as much tied to human knowledge and actions as they are to good antivirus and other protective software packages.

Read the rest of this entry »