Information! Security?

At the State entity I work for, I’ve been annoyed twice by blatant scam robocalls. I decided finally I would report them.

After looking around my intranet, I find out we have an information security office, which I think the law mandates all State entities have. So I call the hotline listed and get… this.

Crap!

I now go and log in to the State telephone directory and try and look it up in my agency. I find a number for someone whose title sounds somewhat related to infosec, so I call  John Doe. After a few rings, I get a message that “Richard Roe is out of the office.” I hang up.

I can call the head of my entity (one grade lower than the Governor), but not the ISO.

I do spot, however, a number for “information” and call it.

I immediately get a person. I ask for information security. She asks me if I mean the people down at the lobby who check people coming in and provide directions (“Information/Security”, but not “Information Security”). I tell her no, and she immediately almost snaps at me, asking me “who DO I want, then?”

I ask for the people I should report a security breach to. A pause. “There aren’t many people on the floor here…”

“Should I call back tomorrow?”

“Yes, during normal business hours, like 9 to 3.”

“OK” – I hang up. Now, the State’s standard workday is 8 am to 4 pm, so I’m not sure where she’s getting her hours from. VRWS maybe?

Even if I do eventually get to where I need to be, this outdated information on our intranet should be corrected or purged.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s