Sharky

Shark Tank: It's Just 100,000 Lines, That's All

August 21, 2006 10:00 AM EDT
Pilot fish is tapped to research what it will take to integrate a vendor's new product into a homegrown application. But he can't find technical information on it, so he schedules a meeting with the application guru, who tells him, "Yeah, we have lots of documentation already complete." Where can I find it? fish asks. "Well, what do you need specifically?" Architecture or design documents, interfaces, databases used. ... "Oh, like I said, that's all out there," guru says. Where? fish asks again eagerly. "Well, tell me what you're looking for," repeats guru impatiently. "It's all there -- just read the code."

Insecurity

Managed services provider is setting things up for a security company, and after many meetings, everyone agrees that secure FTP is the best way to transfer the files containing sensitive customer and sales information. "They seemed excited by the prospect of encryption," says a pilot fish on the managed services side. "Within a day or two of the decision, we coordinated with their IT department to obtain the log-in information. We received our log-in and password to their 'secure' FTP site -- via standard e-mail. I neglected to follow up with them on their own internal security procedures, but we requested a password change within minutes."

Insecurity II

Newly hired IT contractor will need remote network access, so this pilot fish uses the company's intranet-based application to set it up for him. That includes coming up with a secret question and answer so the user can be authenticated when he calls the help desk. "But the system assumes the person filling out the request is also the one who'll be using the access," grumbles fish. "It asked me to come up with the question and answer, not the contractor. The result? His question is 'Why is this an insecure process?' and the answer is 'Poor design.'"

No, That's Not It

Company changes e-mail systems and begins to remove deleted e-mail automatically after two weeks instead of leaving that to users. And that makes one user howl. "Turns out he stores all his e-mails in the Deleted Items folder as soon as he reads them, because he can get them out of his in-box with just a click on the big 'X,'" says an IT pilot fish there. "I suggested that he create a folder for items he didn't want to disappear. His first reaction: 'You mean I have to make a new folder called Deleted Mail when there already is one?'"

Submit your own true tales of IT life to sharky@computerworld.com. If Sharky uses it, you'll snag a snazzy Shark Tank shirt! You can also add comments by using the form at the bottom of this page.