It's the season for gift giving, so I dutifully went to the shipping store to send off a package of toys for my niece & nephew. To use a technical term, I'd pre-configured everything (aka boxed & labeled) so it was ready to go. I put the box on the scale, and the person behind the counter measured it, then started up the shipping app. Typical questions: what are the contents, when do you want it to get there, do you want insurance? Everything was proceeding fine until we hit a snag: the shipping address cannot be validated. What do you mean? I've shipped items to them before without an issue. So the clerk asked if I wanted to ignore the warning and I said yes. So we are at the end of the process, a physical label has been printed (it will be affixed to the package itself) and I'm asked to check it. That is when I saw the error: we're missing a 1 in the address field. We had to start the process again, got to the part for the address field and yes, with the "extra" 1 the address was validated, the label was printed and the package shipped - success! But what does this say about "we" humans and our ability to acknowledge or ignore warnings? This was a simple task and yet both humans (with one of them purporting to be a Subject Matter Expert regarding the correct shipping address) missed a warning that could have led to a critical error.
Let's extrapolate this situation to the field of information technology, specifically security and the protection of digital assets. The hack of Sony Pictures comes to mind. Let's hypothesize that Sony Pictures had a robust Intrusion Detection / Intrusion Prevention System (IDS/IPS) in place at the time of the hack. Imagine members of the IT Department sitting at their desks, staring at their screens, when an alert pops up along with an alarm bell. The IDS/IPS indicates that there is abnormal activity on the network and that a large amount of data is outbound, then asks whether they want to allow (click "Yes") or block (click "No") the activity.
So, what will you do next time you get a warning that a) the shipping address cannot be validated, or b) there is abnormal activity on the network and a large amount of data is outbound?