I once worked someplace whose management laid an egg when they found out that it was possible to sniff network traffic over hubs. So they replaced all the hubs in their network, at considerable expense, with switches for an extra layer of security.
That’s fine. Except…Except the back door of the building never closed right, so it was pretty easy for anyone to just waltz right into the office. Nobody ever did, that I know of. But still, that’s not good.
But that’s not the end of it. One time I saw one of the other IT guys pick the lock on the server room. With a sheet of typing paper.
Yes. He grabbed a piece of paper out of the closest wastebasket, folded it in half, then in half again, pushed it into the gap in the door, made an upward motion, and freed the catch. Then he just walked in. It was easier than remembering the combination.
They spent tens of thousands of dollars out of paranoia that some employee would bring in a sniffer and plug it into the network, but wouldn’t pay the $200 or $300 it would cost to have a contractor come in for a couple of hours to make sure the doors were secure.
One of my clients had an incident with a door in a secure room yesterday, and that reminded me of this former client’s door problems. This current client fixed the problem in about 30 minutes.
It’s been five years, but I probably could still get into that former client’s server room. The hardest part would be remembering where the doors are.