Sunday, May 27, 2007

Kevin Mitnick - super hacker?



Working for a helpdesk in one of the biggest companies in the world was definitely a challenge. Not only did we serve 70,000 employees in North America, but we were also partly responsible for calls from around the world. If you had a problem or question on how to do something with any system you had, you called us. Can you imagine the acronyms we had to learn to support a global organization that had just merged 5 years prior from two existing oil giants?

The first acronym you learned, though, was S&C (Security and Controls). The moment you walked into the place as a helpdesk analyst, S&C became your world. This was the number 2 priority (behind safety but in front of helping the customer) that we had to work by. This could at times prove frustrating for clients and analysts alike, as it would often interfere with our ability to help people or force them to take much longer routes to get what they needed.

These measures existed for a very good reason, though. We were basically the gatekeepers to the guts of the organization because of our ability to control username and password access to hundreds of internal systems. There were of course layers of security to keep us safe from external harm, but what easier way into the heart of a corporation than through the front door?

Some of the most notorious "hackers" in the world were not necessarily software geniuses. Kevin Mitnick achieved "hacker" fame not through the manipulation of software code but through the manipulation of people. His best strength was convincing the holder of the keys that he was somebody else, which allowed him to waltz right into the system.

This certainly makes it clear to the analyst why we have such stringent S&C policies. The hard part is convincing the client that the hoops you are putting them through are for their own good.


