During a security community gathering earlier this week I was staggered to hear a "security expert" cite a supposed best practise of giving contractors machines (to ensure a secure environment) AND the administrator password! Perhaps this is just a rant but I couldn't quite believe my ears. Why on Earth give the admin credentials to someone who's a temporary worker who doesn't actually need to change the configuration of the machine!
Steve is off working on Get Safe On-line this week. The BBC reports a government sponsored survey released