As most of you know, Halloween is upon us! It isn’t just a time for Steven King movies and trick-or-treating, but it’s also a time to reflect back on some of our own horror stories in IT.

To help celebrate Halloween, we have asked some folks from the security industry to share their scary security stories with us! We hope you enjoy. Feel free to share your stories in the comments below.

Leslie Sloan, Senior Systems Engineer at Tripwire

The year was 2013. I was contracted to a state government information security office to implement their vulnerability management program; part of this work included visiting the state’s correctional facilities. I pulled up to the address for the meeting; I was expecting to meet the IT manager in an office building. NOPE, their office was IN the correctional facility. It was just like on TV – high fences topped with coiled razor wire, guard towers with heavily armed guards. I was a bit freaked out, to say the least.

I ventured in to meet with the IT manager. I left the device profiler in my car and only brought my credentials inside. After signing in and a trip through a metal detector, I was able to meet with the IT manager. An inmate was assigned to assist me in gathering the DP and installation hardware, all of which were closely examined by the door guard, counted, documented, and followed by a trip through an X-ray machine. The inmate accompanied the IT manager and me to the data center and assisted with the installation. It was a standard install and knowledge transfer at this point. It was so unnerving for me inside the facility, and many inmates were moving freely around the facility. It reminded me of how a high school (Read more...)