Date: Wed, 12 Aug 92 16:45:35 PDT
From: jmcarli@SRV.PACBELL.COM(Jerry M. Carlin)
Subject: File 6--Pacbell security - The Final Word

John writes:

> But Pac*Bell, among others, is still just a wee bit sloppy on the
> administrative level. Just one example:...
>
> Do you see where I am going with this? No effort was made to verify
> that I was who I claimed to be, even though my accounts are all flagged
> with a password. (When I reminded the rep that she forgot to ask for my
> password, she was highly embarrassed.)...
>
> When will Pac*Bell do something about this wide, gaping security hole?...

All I can say is that we're trying. As I pointed out earlier in this
conversation, it all comes down to people. A mistake was made, no
doubt about it.  Can be do a better job than we are doing? We're
trying to. Is being Ok enough? As the current advertising slogan says
"Good enough isn't". This slogan has to translate into real action.

As my part in this effort, I'm going to pass all of this along so that
management realizes that a mistake was made so that action can be
taken to minimize the chances of it reoccuring. At the very least we
can remind service reps that they need to remember to verify users and
to make sure that the procedures and training are up to snuff.

Even though it is uncomfortable to be the recipients of criticism, we
need to listen to our customers, especially knowedgeable ones like
John, otherwise they will go elsewhere as competition comes to the
business.

Downloaded From P-80 International Information Systems 304-744-2253