Ne devenez pas un criminel, sécurisez vos données!

Déroulez ici

Si vous êtes un professionnel de la sécurité, voici la mésaventure d’un informaticien qui vous rappellera l’importance de correctement protéger vos données.

Someone alerts you to exposed, unencrypted patient information on your FTP server. Is the correct response to thank them profusely or try to have them charged as a criminal hacker?It is not a trick question. Once again, a security researcher has found himself facing possible prosecution under a federal statute known as the Computer Fraud and Abuse Act (CFAA). His crime, according to a dental-industry software company, was accessing what had been left publicly available on the open Internet.

Sans remettre en question l’importance de prévenir et corriger les failles de sécurité, ce cas pose la question de la limite de responsabilité et l’interprétation de la justice des notions de négligence et d’intention (de nuire). Il sera donc intéressant de suivre le développement de cette interprétation juridique.

FBI raids dental software researcher who discovered private patient data on public server | The Daily Dot

Someone alerts you to exposed, unencrypted patient information on your FTP server. Is the correct response to thank them profusely or try to have them charged as a criminal hacker? It is not a trick question. Once again, a security researcher has found himself facing possible prosecution under a federal statute known as the Computer Fraud and Abuse Act ( CFAA).