|
For people who talked about FOIA, what about Semaphor? https://spideroak.com/semaphor/ Also, a ticket came in: site is down (6PM). Business impact? no. Boss freaking out? you bet. Why is it that a company which has defined business hours as 9-5 gives a poo poo past 5 o'clock is beyond me.
|
# ? Sep 10, 2017 09:13 |
|
|
# ? Jun 6, 2024 01:40 |
|
A ticket almost came in: replaced a physical domain controller at our data center with a newer 2016 in warranty server, used the same IP and name (yes I know what I'm doing). Just before I went to bed, I hopped back on to silence a SCOM alert that would be continuously emailing all night. Vpn logon failure. gently caress. Tried my alternate account. gently caress. Called our network admin and he thankfully had a secondary way in to the network to remove that DC from the auth configuration. We use F5 as our vpn endpoint, and they just point to the DC ips for ldap queries so there shouldn't have been any impact. Glad i caught it before a shitstorm hit today! Now to figure out what the gently caress happened, I have two more 2008R2 DCs to replace, and those are the ones that the F5 is pointed to now.
|
# ? Sep 10, 2017 13:37 |
|
devmd01 posted:used the same IP and name dumb dumb dumb devmd01 posted:(yes I know what I'm doing) (no you don't)
|
# ? Sep 11, 2017 03:03 |
|
I think he was saying he knows it's bad but his hands are tied.
22 Eargesplitten fucked around with this message at 03:29 on Sep 11, 2017 |
# ? Sep 11, 2017 03:26 |
|
We migrated from 2008 R2 DCs to 2016 using the same name and IP and it worked fine.
|
# ? Sep 11, 2017 04:31 |
|
GreenNight posted:We migrated from 2008 R2 DCs to 2016 using the same name and IP and it worked fine. So you're the one. Actually, I kid. I've replaced DCs before with same name/ IP address as well.
|
# ? Sep 11, 2017 06:26 |
|
What's the word for something worse than a brain fart? Brain shart? A BRAIN SHART CAME IN. We're going to publish all employees' names, titles, e-mail addresses, and phone numbers online. No way that could ever go wrong! I told my boss the second I get the order to execute that export my work cellphone will be turned off and left on the desk the second I'm off work. It's common to use your private cellphone number for work, so you only have to carry one phone around, and work pays for the subscription, but with that great new idea our phone guy is preparing for 90% of users to reclaim their numbers and get a company issued "burner number" for work only. It's pretty sad when you have a system that gives great flexibility and happy employees, but what do you do when management seems to ignore all cries of alarm?
|
# ? Sep 11, 2017 09:39 |
|
Don't know about US law, but in the EU publishing personal information of any kind will be illegal under GDPR laws unless each person gives explicit consent. Look up what your privacy protection laws have to say about it.
|
# ? Sep 11, 2017 10:01 |
|
I'm assuming those are all work details and not private email or phone, those can obviously be published. I don't think you can stop your company from publicly acknowledging that you work there under privacy laws.
|
# ? Sep 11, 2017 10:06 |
|
SEKCobra posted:I'm assuming those are all work details and not private email or phone, those can obviously be published. I don't think you can stop your company from publicly acknowledging that you work there under privacy laws. It's still dumb to put them all up there because you just know a lot of people will google "<company> phone number" or "<company> email address" and call/mail the first number/address they see.
|
# ? Sep 11, 2017 10:11 |
|
Crowley posted:What's the word for something worse than a brain fart? Brain shart? Make sure your company includes photos of all your employees too, especially if you hire young ladies. It makes it much easier for the public and saves them having to cross-check female names against Facebook before calling them up to make panting noises down the phone at them. . spog fucked around with this message at 10:50 on Sep 11, 2017 |
# ? Sep 11, 2017 10:14 |
|
SEKCobra posted:I'm assuming those are all work details and not private email or phone, those can obviously be published. I don't think you can stop your company from publicly acknowledging that you work there under privacy laws. But again, that's EU law and I don't know how it works in the new world. Collateral Damage fucked around with this message at 13:03 on Sep 11, 2017 |
# ? Sep 11, 2017 10:45 |
|
Foxhound posted:It's still dumb to put them all up there because you just know a lot of people will google "<company> phone number" or "<company> email address" and call/mail the first number/address they see. Once they figure out your company's email naming convention, it's all over with a quick scrape of LinkedIn. No, I'm an AIX systems engineer, I don't give a single gently caress about your new server 2016 migration strategies, and no I don't know who to talk to about our telecom implementation (actually, I do, but gently caress off anyway).
|
# ? Sep 11, 2017 11:00 |
|
Collateral Damage posted:Under GDPR you can, because your name is still personal information. Our legal and HR department are both busy as hell chasing down and deleting personal information from places where it's been carelessly stored, and it's only 8 months until it starts getting enforce. I am in the EU and I've never heard of such an asinine interpretation, I don't see how you can construct a case where an employee working at the company can be constructed as being privileged personal data. Foxhound posted:It's still dumb to put them all up there because you just know a lot of people will google "<company> phone number" or "<company> email address" and call/mail the first number/address they see. You can also just email firstname.lastname@example.com at 90 % of all companies to reach the CEO, what's your point?
|
# ? Sep 11, 2017 12:25 |
|
Collateral Damage posted:Under GDPR you can, because your name is still personal information. Our legal and HR department are both busy as hell chasing down and deleting personal information from places where it's been carelessly stored, and it's only 8 months until it starts getting enforce. So since linkedin shows people's names and their previous/current work history, is just straight illegal now? I mean, there's either gotta be something else going on there, or someone's done something real dumb with a law without thinking about how that's actually gonna affect things either is possible of course, but that sounds weird as hell e: if I write an email and send it to another employee, and the other employee forwards that email chain to a third party, does the other employee get in trouble for me being revealed to work at that company? do they get in trouble for revealing they work at that company?
|
# ? Sep 11, 2017 12:35 |
|
Ursine Catastrophe posted:So since linkedin shows people's names and their previous/current work history, is just straight illegal now? I mean, there's either gotta be something else going on there, or someone's done something real dumb with a law without thinking about how that's actually gonna affect things Well on linkedin everyone agreed to that so it's unquestionably OK. This isn't a law that forbids personal data from being public or used or whatever, it just adds some structures that have to be implemented if you do handle 'sensitive' data.
|
# ? Sep 11, 2017 12:37 |
|
SEKCobra posted:Well on linkedin everyone agreed to that so it's unquestionably OK. If that's the case then I'd think "changing the employee agreement to explicitly say the company is allowed to tell people you work for them" would be the next step here
|
# ? Sep 11, 2017 12:38 |
|
SEKCobra posted:I am in the EU and I've never heard of such an asinine interpretation, I don't see how you can construct a case where an employee working at the company can be constructed as being privileged personal data. quote:What is personal data? https://www.itgovernance.eu/blog/en/expert-gdpr-qa-the-material-scope-of-personal-data-and-legal-implications/ quote:Does PII include data of customers as well as employees of a company?
|
# ? Sep 11, 2017 12:45 |
|
Ursine Catastrophe posted:So since linkedin shows people's names and their previous/current work history, is just straight illegal now? The regulations also mean that when a user deletes their account, you're required to irreversibly delete all related information. What to do with long-term backups is going to be an interesting question.
|
# ? Sep 11, 2017 13:00 |
|
Collateral Damage posted:Unless the user gives consent, yes. Which you probably did when you signed up for the site and clicked agree on the TOS you didn't read. I live in america, my SSN's probably out in the wild as it is so ¯\_(ツ)_/¯ Realistically speaking though, I get where this seems to be coming from in a "people are wildly too insecure handling people's PII", but some of this sounds like it's going to make for some very interesting court cases in very short order. "According to the European Commission "personal data is any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer’s IP address."" Like I really hope I'm misreading something about this because what I'm hearing is someone saying "okay, I'm deleting my account, my IP address is X.X.X.X and now you have to retroactively delete it from all your backed up apache logs" They do say could be but don't appear to say anything about what actual combination of those items elevates to a PII level, but yeah. And of course my company has EU customers so this is going to make for some interesting emails from legal soon, probably.
|
# ? Sep 11, 2017 13:11 |
|
What's wrong with reusing IPs of domain controllers? We were going to do that because we have DNS on them and everything points to those IPs. But we also still manually set static IPs for everything.
|
# ? Sep 11, 2017 13:14 |
|
myron cope posted:What's wrong with reusing IPs of domain controllers? I would also like to know this. I also used the same IP's when migrating the domain controllers. I did change the computer names though.
|
# ? Sep 11, 2017 13:18 |
|
Absolutely nothing, as long as you're careful with your dcpromo process and validate metadata cleanup before you rename your prepped server to the old server's name.
|
# ? Sep 11, 2017 13:20 |
|
Ursine Catastrophe posted:So since linkedin shows people's names and their previous/current work history, is just straight illegal now? I mean, there's either gotta be something else going on there, or someone's done something real dumb with a law without thinking about how that's actually gonna affect things The situation here is that it's a difference between "The user has elected to expose their personal details, within agreed-upon terms of service, for the purpose of social networking" and "the company is forcibly exposing the user's personal details to strangers without their knowledge or consent".
|
# ? Sep 11, 2017 13:22 |
|
Even that site specifies what “sensitive personal data” is, names are not that and the burden for handling that stuff is far lower.
|
# ? Sep 11, 2017 13:38 |
|
The linked in question is easy to answer.. how did that data get there? well you put it there. I have 2 emails at work, as I work for the "secure" part of our business (as far as infrastructure is concerned anyway) and my other email address is for 'corporate things' like signing into the appraisal system. I almost never use my corporate email or give it to anyone, but suddenly I'm getting salesman all over the place. It took me a moment longer than it should have but I realised it had been farmed from LinkedIn. I don't really make decision on purchasing for my organisation so I enjoy rejecting some of the more annoying ones.
|
# ? Sep 11, 2017 15:18 |
|
SALR can't figure out what thread I'm posting in
|
# ? Sep 11, 2017 15:47 |
|
Don't send an org-wide email says that we need to personally reduce our mailbox sizes if you've disabled the archiving and clean-up options on Outlook.
|
# ? Sep 11, 2017 16:05 |
|
Collateral Damage posted:Under GDPR you can, because your name is still personal information. Our legal and HR department are both busy as hell chasing down and deleting personal information from places where it's been carelessly stored, and it's only 8 months until it starts getting enforced. I read up on this, and it's flippin' GOLD! ..and here I was buried neck deep in GDPR already, and I missed that obvious point. I'll talk to our GDPR Project Manager about it. SEKCobra posted:I'm assuming those are all work details and not private email or phone, those can obviously be published. I don't think you can stop your company from publicly acknowledging that you work there under privacy laws. For "Common personal information" (I don't know the proper English name for it) consent is required, for example a ToS. Ursine Catastrophe posted:If that's the case then I'd think "changing the employee agreement to explicitly say the company is allowed to tell people you work for them" would be the next step here That may happen, but you can't just change it for all current employees. You could ask current employees for their consent, but if people do not consent there's little that can be done about it - at least without being sued by the unions.
|
# ? Sep 11, 2017 21:09 |
|
Old reassigned tickets came in... How do you folks deal with this issue? - Bob files ticket on Aug 15: "I can't log into system X." - Tier 1 is swamped and takes two weeks to even see the ticket - They finally see it on Aug 30 and assign it to System X Team - System X Team gets it with an Aug 15 timestamp and no other notification, so it sorts to the bottom of their list in the Service Now display (usually on page 2 or 3) - System X Boss bitches that nobody is looking at old tickets ServiceNow doesn't appear to want to sort by the Assigned on Edit: You can sort by "Updated" but that doesn't help because the tickets you're currently working on (and updating) still populate the top of your list. The Macaroni fucked around with this message at 21:50 on Sep 11, 2017 |
# ? Sep 11, 2017 21:47 |
|
The Macaroni posted:Old reassigned tickets came in...
|
# ? Sep 11, 2017 21:48 |
|
anthonypants posted:Hire more people for Tier 1, of course. How can we fix this problem with technology and not spend money?
|
# ? Sep 11, 2017 21:53 |
|
myron cope posted:What's wrong with reusing IPs of domain controllers? Computer startup script at the root level of the servers OU, sets primary/secondary/tertiary dns addresses based on naming scheme, with one at the other datacenter as tertiary. This keeps everyone consistent, but we still statically assign the IP.
|
# ? Sep 11, 2017 21:57 |
|
anthonypants posted:Hire more people for Tier 1, of course. It took all my power not to bitch at my boss on today's conference call (my last conference call, as I'm leaving this job on Friday) when she said "I don't understand what's so hard, if you just sort the list by unassigned then you see those transferred tickets just fine!" Uh, you see them fine when you're not actually working the queue, because then you have the luxury of not having to actually deal with what's in front of you. Guess how many tickets my boss closed this year? She's in purple, I'm in blue: Bear in mind that I do other things besides tickets, but also remember that this is the boss who says I don't carry my weight. Edit: I know there are far more impressive ticket counts out there, but these are tier 2 tickets, so they're usually not 5 minute "I reset your password" type stuff.
|
# ? Sep 11, 2017 21:58 |
|
The Macaroni posted:And/or hire more people for Tier 2 so that they have the capacity to go combing through back pages of the queue. I find it weird that the boss is doing any tickets at all.
|
# ? Sep 11, 2017 22:02 |
|
She occasionally helped out on those rare occasions I got to go on vacation. By helped out I mean "Assigned herself tickets and usually never followed up or closed them, and when I went to take care of them I figured she'd get upset if I reassigned myself."
|
# ? Sep 11, 2017 22:05 |
|
"Hi [colleague], as the primary contact for this customer can you tell me [basic thing about the customer]?" "I don't know" Great. Thanks, really useful.
|
# ? Sep 11, 2017 22:42 |
|
Thanks Ants posted:"Hi [colleague], as the primary contact for this customer can you tell me [basic thing about the customer]?" They need better excuses, like GDPR. "Good morning" "Sorry, can't say, GDPR."
|
# ? Sep 12, 2017 00:57 |
|
"client needs two computers physically swapped for [reasons]" ok. Drive out to client site, shutdown and move computer A. Shut down and move computer B. Set up computer B. Set up computer A... and pressing the power switch results in nada. No beep, no fans, nothing. loving Mondays.
|
# ? Sep 12, 2017 02:03 |
|
|
# ? Jun 6, 2024 01:40 |
|
ilkhan posted:"client needs two computers physically swapped for [reasons]" Did you bump the PSU switch while carrying them?
|
# ? Sep 12, 2017 02:25 |