Home page logo
/

educause logo Educause Security Discussion mailing list archives

Re: Non-administrator advantages / disadvantages
From: Jeff Kell <jeff-kell () UTC EDU>
Date: Sat, 1 Dec 2012 11:58:04 -0500

On 12/1/2012 7:45 AM, Geoffrey Steven Nathan wrote:
I will agree with Kevin here. My wife is a high-level administrator
here, and often has to act very quickly on tricky personnel issues.
When someone sends her a pdf related (say) to an emergency dismissal
and her Acrobat insists on an update NOW, the last thing she needs is
to submit a support ticket and wait a couple of days before she can
read the file. This kind of thing happens more often than we might
think (well, maybe not the emergency dismissal), but the notion that
IT support student workers' time is more valuable than the Vice
President's time, so we need to hold up their work to minimize IT
support costs needs to be discussed with all parties involved.

But unfortunately that is the epitome of targeted spear phishing...
getting an "administrator" to open a malicious attachment, and/or OK an
"update".

Jeff

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]