Breaking News 突发新闻 | | Forum 论坛 | | UK News 英国新闻 | | USA News 美国新闻 | | World News 世界新闻 | | Political News 政治新闻 | | Sci-Tech News 科技新闻 | | War & Terrorism News 战争和恐怖主义新闻 | | Sports News 体育新闻 | | Multimedia 多媒体 | | Set Homepage 设为首页

BREAKING NEWS 突发新闻

Friday, January 18th, 2008 周五， 2008年1月18日

Mel Duvall梅尔杜瓦尔

Wal-Mart is used to finding its name on the front page of The New York Times and The Wall Street Journal, but in March of 2007 it found itself making news under very different circumstances.沃尔玛是用来寻找其名下的头版，新的纽约时报和华尔街日报，但在2007年3月，它发现自己作出的消息下，非常不同的情况而定。
Wal-Mart officially apologized to the Times and retail reporter Michael Barbaro after a member of its internal security organization was found to have secretly taped conversations between Wal-Mart employees and the Times reporter.沃尔玛正式道歉，以时代和零售记者迈克尔巴巴罗后的成员，其内部保安组织被发现有秘密录音之间的对话沃尔玛雇员及时报记者。 Not only did Wal-Mart apologize to the reporter, chief executive H. Lee Scott phoned the chief executive of The New York Times to personally offer an explanation and convey the information that the technician involved, who had 19-years with the company, as well as a supervisor, had been fired.不但没有沃尔玛道歉记者，行政长官每小时李斯科特打电话给行政长官的新纽约时报亲自提供一个解释，并转达的信息技术所涉及的，谁曾19年与该公司合作，作为以及作为一个主管，已被解雇。
But the matter did not end there.但问题并没有因此结束。 Weeks later, the fired technician, Bruce Gabbard, went public, telling The Wall Street Journal he was part of a larger, sophisticated surveillance operation at Wal-Mart.星期后，发射了技术员，布鲁斯gabbard ，到公众，告诉华尔街日报，他的一个组成部分，较大的，精密的监视行动，在沃尔玛。 Gabbard said the retailer employs a variety of means, including software that can monitor every key stroke on the retailer’s network, to keep tabs not only on employees but also on its board of directors, stockholders, critics of the company, and in at least one instance, on a consultant, McKinsey & Co. gabbard说，零售商采用了各种手段，包括软件，可以监控每一个关键中风对零售商的网络，掌握，不仅对雇员，而且就其董事局，股东，批评该公司，并在在至少有一个例如，一名顾问，麦肯锡管理咨询公司
Wal-Mart later denied some of Gabbard’s allegations, in particular statements made that Wal-Mart had spied on its own directors as well as shareholders, but the incident cast a spotlight on the retailer’s normally secretive security organization.沃尔玛后来否认一些gabbard的指控，尤其是所作的声明指出，沃尔玛曾间谍对自己的董事，以及作为股东，但这一事件蒙上了聚光灯下对零售商的通常秘密安全组织。 McKinsey & Co. was contacted by CIOZone to confirm Gabbard’s statement that Wal-Mart spied on its consultants, but spokesman Mark Garrett said because of the confidential nature of McKinsey’s work with clients, the firm declined to comment.麦肯锡咨询公司取得了联系，由ciozone确认gabbard的声明，即沃尔玛的间谍就其顾问，但发言人马克盖瑞特说，由于保密性，麦肯锡的工作与客户，该公司拒绝就此发表评论。
Kenneth Senser, a former top official at the CIA, heads the company’s global security operations.丁传感器，一名前高级官员在美国中央情报局，负责公司的全球安全行动。 His lieutenants include a number of former government and defense department security specialists.他的副手，包括一批前政府和国防部门的安全问题专家。 David Harrison, a former member of US Army Special Operations Command, heads the company’s analytic research center, which has a mandate to identify threats from suspect individuals and groups.大卫哈里森，一名前成员，美国陆军特种作战司令部，负责该公司的分析研究中心，其中有一个任务是查明嫌疑人的威胁，从个人和团体。 Joseph Lewis, a 27-year FBI veteran, heads corporate investigations.约瑟夫刘易斯， 27年美国联邦调查局资深，元首公司的调查。 And Steve Dozier, former director of the Arkansas State Police, is a VP in charge of corporate investigative services.和史蒂夫多利尔，原主任阿肯色州州警察，是一个副总裁，负责公司的调查服务。
It is not unusual for Fortune 500 companies to hire law enforcement or intelligence experts for their security departments, but Wal-Mart actively recruits those with military or intelligence backgrounds.这是不寻常的财富500强公司聘请执法人员或情报专家为他们的安全部门，但沃尔玛积极招募那些与军事或情报背景的。 Last March it posted ads on its Web site and on sites for security professionals for “global threat analysts” with backgrounds in government or military intelligence.去年3月，它的广告张贴在其网站上和网站上为安全专业人士为“全球性威胁分析家”的背景，在政府或军事情报。
“Like most major corporations, it is our corporate responsibility to have systems in place, including software systems, to monitor threats to our network, intellectual property and our people,” Wal-Mart spokeswoman Sarah Clark said in a statement in April. “最喜欢的大公司，这是我们公司的责任，以有系统的地方，包括软件系统，以监察威胁我们的网络，知识产权和我们的人民， ”沃尔玛女发言人萨拉克拉克在一份声明中说，在4月。 Following the Gabbard firing, Wal-Mart said it conducted a review of its monitoring activities.继gabbard射击，沃尔玛说，它进行了审查，其监测活动。 “There have been changes in leadership, and we have strengthened our practices and protocols in this area,” Clark said. “有变化，在领导，我们已加强我们的做法和议定书，在这方面， ”克拉克说。
When contacted by CIOZone, Wal-Mart spokesman John Simley restated the company monitors threats using a variety of techniques, as would any company its size.时，所接触的ciozone ，沃尔玛的发言人约翰simley重申，该公司监测的威胁，利用各种技术，作为任何公司将它的大小。 “Every company has an obligation to its shareholders and to its employees to ensure that its information isn’t compromised,” Simley said. “每家公司都有义务向股东和其雇员，以确保其信息是不会受到损害， ” simley说。 Simley would not, however, provide details on the security department reorganization. simley不会，不过，提供详细资料，安全部门的重组。
To be fair, Wal-Mart is not the only company involved in a spying controversy.要公平，沃尔玛是不是唯一的公司所涉及的一种间谍争议。 Other high-profile corporate spying incidents have drawn public attention to the fact that companies are using an increasing array of methods to snoop on, or monitor as is the preferred term, the everyday activities of employees, suppliers and customers on their networks.其他高知名度的企业从事间谍活动的事件，引起公众注意一个事实，即公司使用的是增加阵列的方法，史努比，或监察作为是首选来说，日常活动的雇员，供应商和客户在其网络上。
In December a researcher in the anti-spyware unit of Computer Associates, revealed that Sears Holdings Corp. had installed spyware software in a program offered to customers via its “My SHC Community” shopping network that allowed Sears to track its members 12月，研究员，在反间谍单位， Computer Associates的显示， Sears Holdings的公司安装了间谍软件在一个程序向客户提供通过其“我的特困社区”购物网络，使西尔斯追踪其成员 online browsing behavior网上浏览行为 . 。
Sears says it does disclose the tracking software in a privacy statement, but Harvard Business School assistant professor Ben Edelman has criticized the retailer, saying the disclosure is difficult to find and consumers rarely read such statements.西尔斯说，它披露跟踪软件在一个隐私权声明，但哈佛商学院助理教授，本埃德尔曼批评零售商说，该项披露是很难找到和消费者很少读这类声明。
Boeing was the subject of a Seattle Post Intelligencer investigative story in November, which questioned its monitoring activities, including the reading of emails and波音的一个议题西雅图邮Intelligencer ）调查的故事，在11月，质疑其监测活动，包括阅读电子邮件和 videotaping of employees摄录雇员 . 。 Boeing spokesman Tim Neale said when employees log on to the corporate network they are fully informed that their activities are being monitored.波音发言人Tim neale说，当员工登录到公司网络，他们充分了解他们的活动都受到严密监控。 He said only authorized personnel have the capability to monitor corporate systems and they do so only when they have reason to suspect abuse or misuse.他说，只有经过授权的人员有能力，以监察公司的系统和他们这样做，只有当他们有理由怀疑被滥用或误用。 “For example, it is against company policy for an employee to use company systems to run his or her own business,” Neal said. “举例来说，这是对公司的政策为一名雇员使用公司的系统来运行他或她自己的业务， ”尼尔说。 “Of course, it is also against company policy to share proprietary information with parties outside the company, unless authorized by management to do so.” “当然，这也是对公司政策共享专有的资料，与各缔约方以外的公司，除非授权管理，这样做” 。
And, in probably the most publicized example, Hewlett-Packard found itself in hot water with California regulators in 2006 after it initiated an investigation of its own board of directors to discover the source of leaks to the media. ，并在可能的最宣传，例如，惠普公司发现自己在热水与美国加州监管机构在2006年后展开调查，其本身的董事局发现的来源，泄漏给媒体。 The investigation included monitoring of emails and instant messages, as well as using illegal means to obtain telephone records of employees and journalists.调查包括监测的电子邮件和即时消息，以及用非法手段获取电话记录的雇员和记者。 The company was ordered to pay $14.5 million in fines and bring its internal investigations into compliance with California laws.该公司被勒令支付1 450万美元的罚款，并将其内部调查，遵守加州法律。
Most employees have now come to expect that their activities on corporate computers are being monitored to a certain degree.大部分雇员，现在来预期它们的活动对公司的电脑都受到严密监控到一定程度。
But in 2008 CIOs will be increasingly drawn into discussions about who should be in charge of monitoring employees, what software tools should be deployed to protect corporate resources, and which electronic activities corporations should or shouldn’t watch.但在2008年的CIO将越来越卷入讨论谁应该在负责监测员工，什么软件工具应部署，以保护企业资源，以及哪些电子活动的公司应该或不应该观赏。 “There used to be an argument over whether we should be doing this at all,” says Alan Paller, director of research at the SANS Institute, an industry-sponsored research group and computer security training body. “以前是一个争论我们是否应该做这一切，说： ”阿兰帕勒，研究部主任在SANS研究所，一业赞助的研究小组和计算机安全培训机构。 “It rarely comes up as an issue any more.” “很少谈到了一个问题，任何更多” 。
David Zweig, an associate professor of organizational behavior with the Rotman School of Management at the University of Toronto who has written books on the issue of workplace monitoring, says that it is now believed close to 75% of employers have some form of electronic monitoring in the workplace.崔大伟，副教授组织行为与rotman管理学院在多伦多大学谁写的书籍的问题，工作场所的监测，说现在是相信接近75 ％的雇主有某种形式的电子监控在工作场所。
Zweig is not against monitoring.茨威格是不反对的监测。 He believes in today’s environment, where companies face a wide range of internal and external threats, some levels of monitoring are necessary.他认为，在今天的环境下，公司面临着各种各样的内部和外部的威胁，有些水平的监测是必要的。 However, he believes the monitoring should be in relation to the risk, and that companies need to do more to inform employees exactly how they are being monitored and why.不过，他认为，监测，应在有关的风险，以及公司需要做更多的告知雇员，究竟如何，他们都受到严密监控，以及为什么。 “If you give people a rational explanation for monitoring, they will at least see why the company is doing it,” he says. “如果你给人民一个合理的解释监测，他们将至少看不出为何，该公司是这样做， ”他说。 “But you should be open and inform them exactly how it’s being done and what controls are in place. “但是您应该公开和告知他们究竟如何，它的被做了什么以及管制是在地方。
“It’s easy to monitor—it’s much more difficult to develop proper controls and processes,” he says. “人们很容易监控它的更为困难，以发展适当的控制和进程， ”他说。
Ira Winkler, president of Internet Security Advisors Group of Baltimore, Md., and author of books such as “Spies Among Us” and “Zen and the Art of Information Security,” doesn’t believe in coddling employees with lengthy disclosures and explanations for why monitoring is taking place.爱尔兰共和军温克勒总统的互联网安全顾问小组的巴尔的摩，马里兰州，和作者的书籍，如“间谍在我们中间”和“禅与艺术的信息安全， ”不相信在coddling雇员与冗长的披露和解释为什么监测正在发生的。 “Get over it. “得到超过它。 Companies need to protect themselves,” says Winkler.公司需要保护自己，说： “温克勒。 “The fact is nobody should have any expectations of privacy when they’re using the company’s computers.” “事实是任何人不应有任何的期望，隐私当他们正在使用该公司的电脑” 。
In fact, Winkler advocates companies apply a blanket approach to security and use of the Internet in particular.事实上，在温克勒主张公司申请一刀切的办法，以安全和使用互联网，特别是。 Simply tell employees or suppliers accessing a corporation’s network, they are being monitored and non-approved activities will not be tolerated.简单地告诉员工或供应商进入一个公司的网络，他们都受到严密监控和非批准的活动将不会被容忍。 End of story.年底的故事。
Is that fair?这是否公平？ “I think it’s totally fair,” he says. “我认为这是绝对公平的， ”他说。 “If I want to go shop on eBay or download porn on a company computer, that’s my stupidity, not the company’s,” he says. “如果我想要去的店在易趣或下载色情对一家公司的电脑，这就是我的愚蠢，而不是该公司的， ”他说。
For many organizations the line will probably be drawn somewhere between Zweig’s and Winkler’s viewpoints.对于许多组织路线，可能会得出之间的某个茨威格和温克勒的观点。 But what is clear is a mounting body of evidence points to the need for network monitoring against a wider definition of internal and external threats.但什么是明确的是，越来越多的证据指出，需要为网络监控对一个更广泛的定义，内部和外部的威胁。

As the world’s largest retailer, Wal-Mart does often find itself a target for a wide range of protests and potential security threats.作为世界上最大的零售商，沃尔玛是否经常发现自己的目标，范围广泛的抗议和潜在的安全威胁。 Its stores have been targeted by groups who feel its low wages contribute to the working poor and it has been the subject of frequent union protests over its healthcare policies.它的商店已所针对的群体谁觉得自己工资低，贡献有工作的穷人和它一直受到频繁联盟抗议，其保健的政策。 In December alone, Wal-Mart stores were evacuated for periods of time after bomb threats were reported at stores in Somerworth, NH, Noblesville, Ind., Viera, Fla., Fruitland, Md., Fayetteville, Ark., Garden City, Kan., and Halifax, Nova Scotia.在12月，仅沃尔玛被疏散，为的一段时间后，炸弹威胁，据报在商店在somerworth ，新罕布什尔州noblesville ，工业，韦奇立，佛罗里达州fruitland ，马里兰州，费耶特维尔， ark. ，花园城市，根。和哈利法克斯，新斯科舍省。

At a gathering of security specialists in New York City in January of 2006, David Harrison, the former Army military intelligence officer who was hired by Senser to head Wal-Mart’s analytical security research center, provided a rare glimpse into the company’s monitoring operations.在一次聚会的安全问题专家在纽约市在2006年1月，大卫哈里森，前陆军军事情报官员是谁雇用的传感器，以头部沃尔玛的分析安全研究中心，提供了难得的一瞥到公司的监测行动。 Harrison told the gathering Wal-Mart faces a wide range of threats: “A bombing in China, an armed robbery in Brazil, an armed robbery in Las Vegas, another bomb threat, and that was just yesterday,” Harrison said.哈里森告诉与会人士，沃尔玛面临着各种各样的威胁： “轰炸在中国，一宗持械行劫案在巴西，一宗持械行劫案，在拉斯维加斯，另一枚炸弹的威胁，这是就在昨天， ”哈里森说。

To safeguard its employees and operations Wal-Mart has tapped its massive data warehouse of information, now believed to be larger than 4 petabytes (4,000 terabytes), to look for potential threats.为了维护其雇员和业务，沃尔玛已挖掘其巨大的数据仓库的信息，现在相信是大于4 PB的（ 4000千兆字节） ，寻找潜在的威胁。 It tracks customers who buy propane tanks, for example, or anyone who has fraudulently cashed a check, or anyone making bulk purchases of pre-paid cell phones, which could be tied to criminal activities.它的轨道的顾客谁购买丙烷坦克，举例来说，谁或任何人以欺诈手段已兑现的支票，或任何决策批量采购的预付费手机，这可能是联系在一起的犯罪活动。 “If you try to buy more than three cell phones at one time, it will be tracked,” he reportedly told the audience. “如果你想购买三年多的手机在同一时间，这将是跟踪， ”据说他告诉听众。

When CIOZone contacted Wal-Mart for comment on this story, the company said it would not provide further information or make its security officials available for interviews.当ciozone接触，沃尔玛发表评论这个故事，该公司表示，它不会提供进一步资料，或作出其负责安全事务的官员，供面试。 It did not dispute Harrison’s reported statements.它没有纠纷，哈里森的报告，报表。

But, according to one report, Kenneth Senser, the senior vice president of global security, aviation and travel, is in charge of an apparatus that spans the company’s global operations.但是，根据一份报告，丁传感器，高级副总裁兼全球安全，航空和旅行，是在负责一仪器跨越该公司的全球业务。 Senser oversees a department with about 400 employees, according to an interview he gave last March to The New York Times.传感器监督部门，与约400名员工，根据记者采访了他去年3月到新的纽约时报。 Heads of the company’s crisis management, investigative services, the analytical research center headed by Harrison, as well as individual departments assigned to address corporate fraud, security of the company’s headquarters in Fayetteville, Ark., and protection of the company’s top executives, all report directly or indirectly to Senser.元首公司的危机管理，服务，调查，分析研究中心为首的哈里森，以及个别部门指派，以解决公司诈骗，安全性该公司的总部在费耶特维尔， ark. ，和保护该公司的' s最高行政人员，所有的报告直接或间接传感器。

In its advertisements for “global threat analysts” last spring, the job description included collecting information from professional contacts and public data to assess threats coming from “world events, regional/national security climates, and suspect individuals and groups.”在其广告为“全球性威胁分析师”去年春天，职位描述，包括搜集资料，由专业的接触和公共数据，以评估未来的威胁，从“世界的事件，区域/国家安全的气候，和疑犯的个人和团体” 。

Gabbard, the Wal-Mart employee fired for recording reporters’ phone calls, said in his interview with The Wall Street Journal that Wal-Mart uses software from Raytheon Oakley Networks to monitor activity on its network. gabbard ，沃尔玛的雇员发射记录了记者的电话，说在他的访谈与华尔街日报认为，沃尔玛使用的软件由雷神公司厂商Oakley网络监察活动，其网络。 The Oakley product was originally developed for the US Department of Defense.该厂商Oakley产品原本是为美国国防部。

The Oakley software is so sophisticated it can allow administrators to visually see what types of information are moving across the network, from Excel spreadsheets to job searches on Monster.com, or photos with flesh tones that might indicate a user is viewing pornography.该厂商Oakley软件是如此复杂，它可以让管理员能够在视觉上看到什么类型的资料，现正朝整个网络，从Excel试算表求职的搜索monster.com ，或照片与肉体的铃声，可能显示用户正在浏览的色情活动。

Tom Bennett, senior vice president of Raytheon Oakley Networks, would not reveal the company’s customers other than the US Department of Defense.汤姆班尼特，高级副总裁，雷神厂商Oakley网络，将不会透露该公司的客户以外的美国国防部。 However, the company does note its customers include 10 of the Fortune 100, including top US retailers and manufacturers.然而，该公司是否注意到它的客户包括10个财富100强，包括美国零售商和制造商。

SOMETHING TO FEAR 一些恐惧

There are good reasons why companies are turning to increasingly sophisticated monitoring tools.有充分理由的公司正在转向日益复杂的监测工具。 Some studies, such as one conducted in 2006 by the FBI, suggest as much as 70 percent of attacks originate from within an organization.一些研究，例如进行一在2006年由美国联邦调查局，建议多达70 ％的攻击源于一个组织。

Not only that, but the definition of what constitutes and insider has changed.不仅如此，但定义什么构成和内幕已有所改变。 Companies now open up their corporate networks to a wide range of suppliers, consultants and customers, and that in turn opens up new avenues for security breaches and data leakage.公司现在，开放他们的企业网络，以范围广泛的供应商，顾问及客户，而这又开辟了新途径，寻找安全漏洞和数据泄漏。

Consider some of the higher profile network security breaches of the past year:考虑到一些较高的个人资料的网络安全违反过去的一年：

• Oracle sued rival SAP in March, alleging that employees of an SAP operating unit called TomorrowNow, based in Bryan Texas, stole proprietary information from Oracle’s network.甲骨文的竞争对手SAP的起诉在3月，声称雇员SAP的经营单位，所谓的TomorrowNow公司，总部设在得克萨斯州布莱恩，偷走了专有信息由甲骨文公司的网络。 In its suit Oracle claims that TomorrowNow employees used “the log-in credentials of Oracle customers with expired or soon-to-expire support rights,” and then “accessed and copied thousands of individual software and support materials.” Oracle alleges SAP then used the materials to offer “cut-rate” support deals to Oracle clients.在其诉讼甲骨文声称， TomorrowNow公司的雇员使用的“日志-在全权证书的Oracle客户与过期或即将到届满支持的权利” ，然后选择“访问和复制数以千计的个别软件和辅助教材。 ”甲骨文声称， SAP公司，然后用材料提供“割喉式利率”支持交易，甲骨文的客户。 In a statement, SAP responded to the suit by saying TomorrowNow was authorized to download materials from Oracle’s Web site on behalf of TomorrowNow customers.在一份声明中， SAP公司作出回应，该诉讼说， TomorrowNow公司获得授权，下载材料，从甲骨文公司的网站上代表TomorrowNow的客户。 It says it will defend the lawsuits in hearings expected to resume in US District Court in San Francisco early this year.它说，它将捍卫诉讼的听证会预计将恢复在美国联邦地方法院在美国旧金山于今年年初。
• Formula One racing team McLaren Group was fined $100 million last September and excluded from the 2007 Constructors’ Championship, after it was revealed a former Ferrari employee took designs for special gases with him when he defected to McLaren.一级方程式赛车队迈凯轮集团被罚款1亿美元去年9月和排除，从2007年建设者锦标赛后，据透露，前法拉利车队员工设计了特殊气体与他时，他叛逃到迈凯轮。 Ferrari was able to finger the culprit because it had deployed software from Verdasys of Waltham, Mass. which allows it to track individuals that access certain files.法拉利车队能够手指的罪魁祸首，因为它已经部署的软件从verdasys的马萨诸塞州Waltham的允许它来追踪个人存取某些文件。
• WestJet Airlines, a Canadian discount airline, was forced to issue an apology in May 2006 to rival Air Canada and pay a $15.5 million penalty, after it admitted members of its management team accessed a password protected Air Canada employee Web site and downloaded competitive data.的WestJet航空公司，加拿大航空公司的折扣，而被迫道歉的问题，在2006年5月向对手加拿大航空和支付1 550万美元罚款后，它的成员承认其管理团队访问密码保护的加拿大航空雇员的网站，并下载了竞争的数据。 The WestJet employees used the Air Canada Web site to obtain detailed information on Air Canada flight loads.该雇员使用的WestJet加拿大航空网站，以取得详细资料，加拿大航空飞行载荷。

Keith Rice, a vice president with the Threat Detection Engineering Group at Bank of America, notes that an insider may, in fact, be a partner working on critical application development overseas.基思水稻，副总统与威胁检测工程集团在美国银行指出，一个可能的内幕，其实，是一个合作伙伴工作的关键应用开发海外。 “One thing we’re running into now is we’ve outsourced a lot of development to India and other locations,” says Rice. “有一件事我们正在运行到现在是我们已经外包了大量的开发工作向印度和其他地点，说： ”水稻。 “We have very strict contractual rules in place, that state what they can do, what they cannot do, and what they must have installed on their networks. “我们有非常严格的合同规则在地方，国家，他们什么可以做，什么不能做，什么必须已经安装在其网络上。 But that creates whole new issues for us.”但创造整个新问题，为我们“ 。

“It’sa constant battle,” adds Bruce Valentine, senior vice president in treasury management at Comerica Bank. “这是不断的战斗中，补充说： ”布鲁斯情人节，高级副总裁在国库管理在Comerica公司的银行。 Valentine is responsible for ensuring the security of the bank’s e-commerce and other customer facing applications.情人节是负责确保安全，该银行的电子商贸及其他客户所面临的申请。 “We have what everyone wants - money. “我们有什么大家都希望-金钱。 And data is the key to that money,” says Valentine.和数据的关键是钱，说： “情人节。 In today’s competitive banking environment, you have to open up your networks to customers, says Valentine, but that means you have to put systems in place to manage the risk.在今日竞争激烈的银行业的经营环境，你必须打开你的网络，向客户表示，情人节，但是这意味着你必须向系统已经到位的管理风险。

Keith Carter, executive director of materials management systems with Estée Lauder, agrees that companies have to accept a certain amount of risk or trust when dealing with partners and suppliers.祁俊文卡特，执行董事，材料管理系统与estée雅诗兰黛，同意公司必须接受一定数额的风险或不信任，在处理与合作伙伴和供应商。 But, he says, that doesn’t mean blind trust.但他说，这并不意味着盲目的信任。 He shared a recent example of data leakage at a security conference in Palo Alto in November.他赞同最近的一个例子，数据泄漏在一个安全会议在帕洛阿尔托11月。 Estée Lauder had designed a counter poster display it wanted to use in stores with its Bobbi Brown cosmetic line. estée雅诗兰黛曾设计了一个反海报展示它想用在商店与bobbi布朗化妆品线。 “One of our competitors came out with it a month earlier, because the photographer, in this case, showed it to the competitor as a sample [of their work]. “我们的一个竞争对手出来与它一个月前，因为摄影师，在这种情况下，表明它向竞争对手作为一个样本， [他们的工作] 。 We couldn’t use it any longer, because we didn’t want to look like we were the ones who copied the idea,” says Carter.我们无法使用它的任何更长的时间，因为我们不想看起来像我们那些抄谁的想法，说： “卡特。

In this case, the company ended its relationship with the photographer, but Carter says the incident demonstrates how easily competitive data can leak out of an organization without proper controls in place.在这种情况下，该公司结束了与摄影师，但卡特说，这一事件表明，如何在竞争激励的数据很容易可以泄漏出来的一个组织，没有适当的控制，在地方。 It also demonstrates the kind of analysis companies need to perform to determine what types of data or files need to be protected.它还表明种分析公司需要执行，以确定哪些类型的数据或文件需要受到保护。

CONTROLS REQUIRED 控制所需的

The consensus seems to be that in today’s environment, where corporate networks are increasingly exposed to insider and outside threats, companies must protect their data by putting controls, policies, and systems in place to monitor activity.的共识，似乎是说在今天的环境下，企业网络正日益暴露的内幕和外部的威胁，各公司必须保护他们的数据，把管制，政策和制度，以监察活动。

But if you accept it as a necessary evil, how do you go about putting systems and policies in place, and making sure employees, partners and suppliers abide by those policies?但是，如果你接受它作为一个必要之恶，你怎么去把制度和政策在地方，并确保员工，合作伙伴和供应商遵守这些政策呢？

“When we hear people tell horror stories, so often the breakdown is in the area of communication,” says Robin Ruefle, a member of the technical staff at the Carnegie Mellon Software Engineering Institute Computer Emergency Response Team (CERT). “当我们听到有人告诉恐怖故事，所以往往破裂是在该地区的沟通，说： ”罗宾ruefle的一员，技术人员在卡内基梅隆大学软件工程研究所计算机紧急反应小组（证书） 。

“The right people didn’t get told in the right time frame, the information didn’t get to the right people who could effect change, people didn’t know what the right policies or procedures were . “人民的权利没有得到说，在正确的时间内，信息没有得到，以合适的人谁可以改变的影响，人们不知道有什么正确的政策或程序。 . 。 . 。 there’sa breakdown in process.” Ruefle’s team is involved in developing security best practices for organizations, including creating Computer Security Incident Response Teams (CSIRTs) to respond to security incidents as they happen.有故障的过程“ 。 ruefle的研究小组正在对涉及的发展中国家安全的最佳做法的组织，包括建立计算机安全事件反应小组（ csirts ）作出回应的安全事件，因为它们发生。

“A lot of people think it’s just about technology, but really, developing and having the right processes in place is critical,” says Ruefle. “很多人认为这只是技术，但说真的，发展中国家和拥有的权利过程中的地方，是至关重要的，说： ” ruefle 。 “It’s about being prepared. “这是关于正在准备之中。 What’s your plan?你对此有何计划？ Who’s involved?谁的参与？ Do they know what to do when something’s happened?他们知道做什么，当东西的事？ Do they know what the policies and procedures are?他们知道什么政策和程序？ Do they know how to escalate?他们知道如何升级？

“Having those processes in place, along with the right education, is key.” “有这些过程中发生的，随着教育的权利，是关键” 。

Zweig, the associate professor of organizational behavior with the Rotman School of Management at the University of Toronto, says while monitoring may be a necessary evil, companies should resist the temptation of putting in systems that go beyond what is necessary.茨威格，副教授，组织行为与rotman管理学院在多伦多大学说，尽管监测可能是必要之恶，公司应抗拒诱惑，把在系统超越了什么是必要的。

He says there is a line that can be drawn between benign monitoring and intrusive, and Wal-Mart has crossed that line.他说，有一条线可以得出之间的良性监测和侵扰，以及沃尔玛已越过该行。 “If you have to use a stick, make sure the stick is in relation to the behavior you’re trying to stop,” says Zweig. “如果你有使用棍棒，请务必坚持，是在有关的行为，您试图阻止，说： ”茨威格。 “People are going to rebel against the constant monitoring, and you know, Wal-Mart is going to reap what they sow.” “人是要反抗不断监测，你也知道，沃尔玛是去获得什么，他们母猪” 。

See More: 看到更多的： Big Brother 大哥哥

Have Your Say: Wal-Mart Spying: Good, Bad, Or Just The Future? 你说：沃尔玛间谍：好，坏，或者只是未来？
Please note, only selected comments will be published.请注意，只有选定的评论将出版。

Or discuss this report in our new forums 或讨论这个报告在我们的新论坛

RSS 的RSS TrackBack URL 跟踪 RUI

Name (required) 姓名（必填）

Mail (will not be published) (required) 邮件（不会被公布） （必填）

Website 网站

This entry was posted on Friday, January 18th, 2008 at 2:12 pm and is filed under 此项目被张贴于周五， 2008年1月18日在下午2时12分，并提交下 General 一般 , ， Surveillance, Civil Liberties & Human Rights News 监视，公民自由及人权新闻 . 。 You can follow any responses to this entry through the 您可以按照任何的反应，此项目通过 RSS 2.0 2.0 feed. 喂养。 You can 您可以 leave a response 留下的回应 , or ，或 trackback Trackback跟踪 from your own site. 从你自己的网站。

Loading ...载入中...

TOP NEWS DISCUSSIONS top新闻讨论

LATEST NEWS DISCUSSIONS 最新消息讨论

Activism & Protest News 积极与抗议新闻 | | Business News 商业新闻 | | Civil & Human Rights News 公务员＆人权新闻 | | Environmental News 环境新闻 | | Media News 新闻 | | Globalisation News 全球经济一体化新闻 | | Web Development News Web开发新闻

ADVERTISEMENTS广告

SITE MAPS网站地图

7/7 7 / 7 Afghanistan阿富汗 Alternative Energy替代能源 Art艺术 BBC英国广播公司 Big Brother大哥哥 Bilderberg 。 Bilderberg Biometrics生物识别技术 Bush布什 CIA美国中央情报局 Climate Change气候变化 Cover Up掩盖 Cults邪教 Culture文化 Database State数据库状态 David Hicks大卫希克斯 David Ray Griffin朱射线格里芬 Democrats同盟 Demos演示 Drugs药物 Education教育 EU欧盟 False Flag虚假国旗 FBI美国联邦调查局 Fraud欺诈 Free Speech免费的讲话 Freemasons共济会 G8八国集团 Globalization全球化 Guantanamo关塔那摩 Health News健康新闻 History历史 ID Cards身份证 Internet互联网 Iran伊朗 Iraq伊拉克 Israel以色列 Law法律 Marches游行 MI5军情五处 MI6军情六处 Microsoft微软 Military军事 MoD按付款当日价格计算 Money金钱 Music音乐 NASA美国航天局 Neocons新保守主义者 NSA美国国家安全局 Oil石油 Pakistan巴基斯坦 Podcast播客 Police State警察国家 Propaganda宣传 RFID的RFID RINF rinf Rumsfeld拉姆斯菲尔德 Science科学 Secrecy保密 Security安全 Slavery奴役 Space空间 Sports体育 Spying谍报活动 Stephen Lendman斯蒂芬lendman Technology技术 Terrorism恐怖主义 Tony Blair托尼布莱尔 Torture酷刑 TV电视 UK News英国新闻 UN联合国 USA News美国新闻 Video视频 Voting投票 Warfare战 White House白宫 Wolfowitz沃尔福威茨 World News世界新闻 Yahoo雅虎
2003 - 2005 Archives 2003 -2 005档案 | 2005 - 2007 Archives 2005年-2 007年档案 | 2007 - 2008 Archives 2007 -2 008档案 | Current Archives目前档案 | Past Version |过去的版本

About 大约 | | DVD Store DVD的商店 | | Opinion 民意 | | Reviews 评语 | | Special Guests 特别来宾 | | Webmasters 网站管理员