Oh good it is temp season

At this time of year large parts of the world move into a position of having holidays. Some countries conduct this with focus (France closes and they all head south, nice idea). Many others move to a position where large numbers of staff take time off to holiday with their families. To prevent organisations coming to a complete halt with the exodus, temporary or contract staff are often brought in. This event is known about 12 months in advance and comes round every year, yet many scrabble around at the last minute to find suitably skilled and competent staff.

Once the staff are secured even less effort appears to be taken ensuring that they are suitably trained in the correct processes, practices and procedures of the organisation. They may be shown the specific mechanics of completing their role, if this is particular to the organisation, but it is less likely that they would have signed up to the Acceptable Use Policy (AUP). The chances of a suitable induction including InfoSec awareness and training are slim.

Now while these people maybe from an agency that has vetted and checked the candidates for suitability within the area of work conducted by the client organisation it is also possible that they are not.

Without well delivered awareness and training campaigns organisations can find that the risk to their information systems increases rapidly during this time. Threats actors will move to take advantage of the turmoil and subtle disturbances in the knowledge and running of the business. Many of these will take the form of socially engineered or ‘Wetware’ attacks. Taking the opportunity to draw enough information that can be pieced together without drawing attention.

So ensure that your organisation has a smooth holiday period and that well rested staff do not return to find more to fix, secure and unpick than there was before they left, re-run your awareness campaigns.


~ by Simon Hancock on July 12, 2008.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: