Page 3 of 4 First 1234 Last

Thread: Data Breach

  1. #21

    Join Date
    Jun 2013
    Location
    Isanti, MN
    Posts
    2,813
    Smmiteworks does not host the games you play. That is an important distinction from R20. If someone hacks your game, they get your game and that's it. Make sure the password you use here is different from the password you use anywhere else, and there is very little information they can get from you here. Even most of the financial information is stored at PayPal and not with Smiteworks.

  2. #22
    damned's Avatar
    Join Date
    Mar 2011
    Location
    Australia
    Posts
    18,935
    Blog Entries
    1
    Quote Originally Posted by esmdev View Post
    A 5 year or 10 year plan is basically a setup for failure. What you need is a constantly evolving plan or a security service that is managing that for you.

    Most hosting services offer services that constantly check websites for known vulnerabilities and provide the client with regular reports. It would be safe to make the assumption that most forward facing commercial entities take advantage of that.
    100%.
    I do a lot of work in cyber security. Its not my exclusive gig but I spend more than a third of my time on cyber security now.
    I dont have a 2 year plan for cyber security.
    Every day we learn more about the current threat environment from published vulnerabilities and fixes, from changing traffic patterns in logs, from shared discussions with others operating in my space and from the @#$% I deal with every day.
    We make multiple changes and updates across all of our networks every week.
    Todays best practice mght be frowned upon tomorrow and possibly laughed at in 2 years.


    Quote Originally Posted by Dtoad View Post
    Hey smiteworks I know I'm kinda new here but I would like to know the address of your company and the locations of all your security cameras and I need to know the passwords to get in and where you keep your car keys and the ss# of all your employees so I can evaluate my security if I buy your product.

    Just looking for straight answers. K thx bai.


    Also, and this is VERY important....boxers or briefs?
    Briefs. I just feel safer in briefs ok.

    MoreCore - Generic Ruleset
    --- Projects ---
    Extensions | Tutorials | MoreCore | MoreCore Themes | Call of Cthulhu | Maelstrom | FG Con

  3. #23
    I am certainly glad you are both not doing my cyber security LOL. If you do not have a budget plan, training plan, hiring plan, talent recruitment plan, and resource allocation plans for cyber security that goes forward 5 years or more looking towards the what ifs and trends of the field, you are going to fall behind. Goals and mile stones are huge. IN addition you could have said I don't know or said we have a plan that protects against this or that or even better pointed me in the direction of someone who may be able to. Lastly, briefs are for old people. Boxers ftw.

  4. #24
    Trenloe's Avatar
    Join Date
    May 2011
    Location
    Denver, Colorado, USA (for a bit)
    Posts
    23,892
    @bukkyo- get real. Sorry, but you really need to get real. SmiteWorks is not some massive company with hundreds of employees and budgets that allow them to plan that far into the future. We're talking about the RPG industry here, not some MMO or console company that has millions of turnover and stores financial details about you.

    And, again giving you some reality here, I think you'll find that most small companies with some form of Internet presence which stores a small amount of your data is in the same boat.

    Quite frankly, with your viewpoint I'm surprised you even go onto the Interent, because 99% of the websites out there don't have anything like the years into the future plans you seem to think are essential. Disconnect from the 'net!!!

    FG Con 15 Fantasy Grounds Online RPG Convention - Nov. 8-10, 2019
    Register at www.fg-con.com for all the latest info.

    Private Messages: My inbox is forever filling up with PMs. Please don't send me PMs unless they are actually private/personal messages. General FG questions should be asked in the forums - don't be afraid, the FG community don't bite and you're giving everyone the chance to respond and learn!

  5. #25
    Oh Bukkyo, what shall we do against the vile marauders at the door?! Will you protect us, oh noble Bukkyo? Name your price stalwart defender, and I shall certainly pay it, for you are our only salvation.

    Your knowledge of all the buzzwords and catchphrases prove that it must be so ...

  6. #26
    Trenloe's Avatar
    Join Date
    May 2011
    Location
    Denver, Colorado, USA (for a bit)
    Posts
    23,892
    Quote Originally Posted by bukkyo View Post
    If you do not have a budget plan, training plan, hiring plan, talent recruitment plan, and resource allocation plans for cyber security that goes forward 5 years or more looking towards...
    Sorry to reply again to this, but I have to follow up on this. Are you seriously expecting a company of less than 10 employees to have these things in place for 5 years or more? Budget plan? Training plan? Hiring plan? Talent recruitment plan? Resource allocation plan? For cyber security 5 years or more into the future?

    Even if we're talking about a big company with hundreds of thousands of $$ to dedicate to this, as has already been mentioned - with cyber security you don't know what's coming next week, let alone next year. 5 years into the future? You may as well be planning a mission to Alpha Centauri for the relevance it's going to have.

    FG Con 15 Fantasy Grounds Online RPG Convention - Nov. 8-10, 2019
    Register at www.fg-con.com for all the latest info.

    Private Messages: My inbox is forever filling up with PMs. Please don't send me PMs unless they are actually private/personal messages. General FG questions should be asked in the forums - don't be afraid, the FG community don't bite and you're giving everyone the chance to respond and learn!

  7. #27
    Quote Originally Posted by Trenloe View Post
    Sorry to reply again to this, but I have to follow up on this. Are you seriously expecting a company of less than 10 employees to have these things in place for 5 years or more? Budget plan? Training plan? Hiring plan? Talent recruitment plan? Resource allocation plan? For cyber security 5 years or more into the future?

    Even if we're talking about a big company with hundreds of thousands of $$ to dedicate to this, as has already been mentioned - with cyber security you don't know what's coming next week, let alone next year. 5 years into the future? You may as well be planning a mission to Alpha Centauri for the relevance it's going to have.
    To be honest I was going to say that the company structure he describes sounds pretty small. In the companies I used to work at budgets were handled by executives and accounting, training was handled by education, hiring and recruiting (basically the same thing listed twice) by human resources, software security by MIS, network security handled by network administration (software), network engineering (hardware), etc... the focus groups assigned to prepare for disasters, cyber intrusions, physical intrusions, etc., probably were each larger than the entire staff of Smiteworks.

    The difference of course is the staff of Smiteworks have shown to be fairly computer savvy whereas a companies like the ones I'm talking about have a few hundred or even thousand savvy people and a couple hundred thousand 'users' spread across the globe that you could warn all day and they'll still click that email you just warned them about...

  8. #28
    Quote Originally Posted by esmdev View Post
    The difference of course is the staff of Smiteworks have shown to be fairly computer savvy whereas a companies like the ones I'm talking about have a few hundred or even thousand savvy people and a couple hundred thousand 'users' spread across the globe that you could warn all day and they'll still click that email you just warned them about...
    That describes where I work, except there's not thousands of us and we're not spread across the globe. There is no protection from the guy who clicks the email. No training helps. That guy is unstoppable.

  9. #29
    Training helps, but it doesn't stop everyone. No one thing does. Sometimes things look so good I almost fall for it. I do agree SmiteWorks is far more transparent than most companies.


    Bukkyo If you reread the statement, you can SmiteWorks employs folks who's focus on the areas of concern you've brought up. I can understand some of the frustration. It sucks any of us have to worry about it.
    Last edited by Mortani; August 15th, 2019 at 13:51. Reason: employs typo :)

  10. #30
    dulux-oz's Avatar
    Join Date
    Jan 2012
    Location
    Brisbane, Australia
    Posts
    4,004
    Blog Entries
    14
    Quote Originally Posted by bukkyo View Post
    I am certainly glad you are both not doing my cyber security LOL. If you do not have a budget plan, training plan, hiring plan, talent recruitment plan, and resource allocation plans for cyber security that goes forward 5 years or more looking towards the what ifs and trends of the field, you are going to fall behind. Goals and mile stones are huge. IN addition you could have said I don't know or said we have a plan that protects against this or that or even better pointed me in the direction of someone who may be able to. Lastly, briefs are for old people. Boxers ftw.
    That sounds like someone who has read a couple of the IT Security course manuals (& perhaps, maybe, sat one of the exams) but as someone who has a Masters Degree in IT (Management & Security) as well as a slew of other IT qualifications (proof: check out my LinkedIn Profile and/or call the relevant Universities/Organisations and ask) I can tell you that that is not how the real world works - for small or large companies!

    And that's one reason (but not the most relevant) why we have IT Security Issues reported in the news every week.
    Dulux-Oz

    √(-1) 2^3 Σ Π
    ...And it was Delicious!


    Alpha-Geek
    ICT Professional
    GMing Since 1982
    NSW, Australia, UTC +10
    LinkedIn Profile: www.linkedin.com/in/mjblack

    Read my FG Blog here.

    Watch our games on Twitch: www.twitch.tv/dulux_oz

    Support Ongoing Video, Ruleset & Extension Development: via PayPal (Send To: [email protected])

    YouTube Channel/Tutorial Playlists: www.youtube.com/c/duluxoz

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Log in

Log in