Thursday, August 7
Federal Bank Auditors Suck
I work in banks, installing, supporting and maintaining their computer systems used in transaction processing.
Banks get audited for IT Security by either State or Federal auditors, depending on how they are chartered.
This would be great, if the auditors had a fucking clue. However, for the most part, they don't have a clue, and I get stuck cleaning up the mess. Or even better, I get to explain to the person who passed the government employment test with a GED as their sole source of education, that just becuase they think it ought to work that way, doesn't mean that it will work that way.
Recently all my banks have been getting OCC (Office Of The Comptroller Of The Currency) audits.
Three banks, three identical Windows 2000 domains. One auditor with a burr up his ass.
Says we HAVE to set the banks lockout policy for failed password attempts to 90 days. So if a user types in a bad password 5 times, his account is locked out 90 days, or until an administrator unlocks the account. Sounds simple, right? Well, Windows 2000 does not have a 90 days setting, you can only set it from 1-9999 minutes. Now, 9999 minutes is about 69 days, but the auditor is insisting on 90 days.
What a dumbass. Just what I need. Someone who has no familiarity with software, telling me that I sould be able to set it to do something that it will not do becuase of how the programmers set it up in the first place.
No wonder my blood pressure is so damn high.
Banks get audited for IT Security by either State or Federal auditors, depending on how they are chartered.
This would be great, if the auditors had a fucking clue. However, for the most part, they don't have a clue, and I get stuck cleaning up the mess. Or even better, I get to explain to the person who passed the government employment test with a GED as their sole source of education, that just becuase they think it ought to work that way, doesn't mean that it will work that way.
Recently all my banks have been getting OCC (Office Of The Comptroller Of The Currency) audits.
Three banks, three identical Windows 2000 domains. One auditor with a burr up his ass.
Says we HAVE to set the banks lockout policy for failed password attempts to 90 days. So if a user types in a bad password 5 times, his account is locked out 90 days, or until an administrator unlocks the account. Sounds simple, right? Well, Windows 2000 does not have a 90 days setting, you can only set it from 1-9999 minutes. Now, 9999 minutes is about 69 days, but the auditor is insisting on 90 days.
What a dumbass. Just what I need. Someone who has no familiarity with software, telling me that I sould be able to set it to do something that it will not do becuase of how the programmers set it up in the first place.
No wonder my blood pressure is so damn high.
Number of people who will never get their time back from reading this page:
