They say you can find anything on Google. Turns out it’s especially useful when one is searching for personal data to crack a Yahoo! Web mail password.
In the remote case you missed it: Vice Presidential candidate Sarah Palin’s Yahoo! Webmail was hacked last week, and the contents were posted on Wikileaks. Wired reported that the hacker easily broke into Palin’s Webmail, hoping to find incriminating evidence that could derail her campaign.
We see this happen a lot. While IT installs email and IM archiving software, the workforce moves their personal and sometimes ill-advised communications to what I would call rogue channels. These channels include Webmail, public IM, Skype, and even Facebook. Employees think that management doesn’t monitor or control these tools and it becomes an appealing place for improper or even illegal activity to occur.
Michael Osterman explained this well when he wrote about the lessons IT should learn from the Sarah Palin Webmail hack.
More examples of infamous rogue channel use in recent times include Senator Mark Foley, whose IM conversations with a intern cost him his job. Jerome Kerviel, the French banker who alledgedly cost his company $7B, and Scott Sidell, the former CEO who funneled client lists to himself through Webmail.
What are your employees doing thru Webmail, personal IM networks and social networking sites?
When I ask IT professionals the above question the majority respond (very confidently) that nothing rogue or unsanctioned is happening on their networks. Common responses include, “We block it with our firewall” or “we have a policy against it.” Then we deploy an evaluation unit and provide a report of actual employee initiated traffic and it becomes clear: hope is not a strategy.
As customers move to adopt Unified Communications platforms from Microsoft, IBM and others, I believe the same issue will exist – employees will use personal systems and corporate sanctioned systems interchangeably. IT will have the hard task of managing policies and controls consistently across this heterogeneous environment.