A Nightmare Before Friday

I’ve just discovered a problem.  Specifically, something that I feel is a very major breach of basic security practices, leading to a situation where significantly confidential systems information is available publically on the internet to anyone, without need for any identification.  A fairly major security vulnerability, potentially a violation of not just my workplace policies, but of certain statutes that carry significant consequences if violated.

My nightmare is thus – the individual responsible for this violation is the “fair-haired golden boy” of the group, and nigh untouchable.  I have raised several issues of similar, if much lesser, import previously with both my supervisor and my boss, and have been told in no uncertain terms to “just leave well enough alone” (not an exact quote, of course).

What would you do?

Comments are closed.