okgc
Heisman
Posts: 7,499
Joined: Jul 2007
Reputation: 38
I Root For: WMU
Location:
|
Hackers steal WMU professor's paycheck
|
|
02-02-2014 09:35 AM |
|
DesertBronco
Banned
Posts: 34,173
Joined: Feb 2007
I Root For: 9 wins ASAP!!
Location: TenBuckTwo
|
RE: Hackers steal WMU professor's paycheck
I agree. If a payroll department has a policy of direct deposit only, then they assume liability. If it's a choice, they might be able to wiggle out but it's WMU's responsibility to deliver the payment in the manner he chose, paper or direct deposit.
That's some bad security there. Not surprising considering it's a public institution, they're usually the worst. Sounds like they know the employee self service process, get access to the application and make the changes that way. Betcha dollars for donuts he was phished and gave the info up. These days most security requires you to double verify with what you know and with something 'that you have'. That's why you see a double verification where they text or send to an email of your choice and you need to respond with the code, you posses the code in addition to knowing your login credentials. That would have helped.
Very lame of them not to honor that and try to get out of paying. If the prof had his bank account hacked the bank would have been on the hook.
(This post was last modified: 02-02-2014 10:52 AM by DesertBronco.)
|
|
02-02-2014 10:47 AM |
|
Charm City Bronco
Fights for Justice
Posts: 5,211
Joined: Jun 2010
Reputation: 46
I Root For: WMU
Location: 20011
|
RE: Hackers steal WMU professor's paycheck
Real low class on the part of WMU. Who's the paper pushing admin who made the call to screw an employee who actually provides value and education?
|
|
02-02-2014 12:24 PM |
|
DesertBronco
Banned
Posts: 34,173
Joined: Feb 2007
I Root For: 9 wins ASAP!!
Location: TenBuckTwo
|
RE: Hackers steal WMU professor's paycheck
FWIW, when "self service" was rolled out almost a decade ago as part of HRMS systems, HR/PR department professionals all over had an issue with it for this very reason, but to cut costs (i.e. "head count"), the people at the big tables wanted to roll that functionality out to their employees so they wouldn't have to have headcount available to do these processes.
The irony is that now the employee gets the shaft for something that shouldn't have been available to him in the first place, there was nothing wrong with the process of requesting a change of info and going through a procedure to ensure accuracy and safety of the information.
Gotta love the man. I just smh when I hear this rationalization go on these days. I'm ready to quit and do Walmart Greeting, serious.
(This post was last modified: 02-02-2014 12:47 PM by DesertBronco.)
|
|
02-02-2014 12:47 PM |
|
Charm City Bronco
Fights for Justice
Posts: 5,211
Joined: Jun 2010
Reputation: 46
I Root For: WMU
Location: 20011
|
RE: Hackers steal WMU professor's paycheck
(02-02-2014 12:47 PM)DesertBronco Wrote: I'm ready to quit and do Walmart Greeting, serious.
Don't, it's what the GOP wants.
|
|
02-02-2014 12:53 PM |
|
Tommyboy
1st String
Posts: 2,231
Joined: Jan 2005
Reputation: 22
I Root For: WMU
Location: Kalamazoo
|
RE: Hackers steal WMU professor's paycheck
I know a few Computer Science guys who spent their freshmen year hacking the network and got jobs with the University as sophmores in order to protect their own data from others doing the same.
|
|
02-02-2014 07:16 PM |
|
stdatwmu
All American
Posts: 3,931
Joined: Sep 2007
Reputation: 58
I Root For: WMU Broncos
Location: Dayton, OH
|
RE: Hackers steal WMU professor's paycheck
LastPass.
Seriously, you should not use duplicate passwords for anything in this day and age. They should be as long and complex as possible! And enable two-factor authentication anywhere it's available.
Diceware is another great security concept.
...and for an awesome discussion on web security, read this piece from James Fallows. Seriously. Right now. Read the whole thing.
As for this guy, yeah, certainly seems like WMU could/should be doing more to rectify the situation. The prof shouldn't be losing a paycheck because of the security lapse - unless it's shown he actively did something to cause it. That definitely doesn't appear to be the case, based on the article.
(This post was last modified: 02-03-2014 02:41 PM by stdatwmu.)
|
|
02-03-2014 01:20 PM |
|