Web Content, Google and Security

via Dan Gillmor's eJournal:

Scott Granneman has a detailed description how Google's search power exacerbates existing security problems, from the article:

On the other side of the coin we have complexity. For all the ease that has come about in the past several years, no matter how simple it has become for Bob in Marketing to publish the company's public sales figures online, the fact remains that we're dealing with complex systems that have many, many points of potential failure. That knowledge scares the hell out of the people who live security, while Bob goes blithely on successfully publishing the company's public sales figures ... and accidentally publishing the spreadsheet containing the company's top customers, complete with contact info, sales figures, and notes about who the salespeople think are good for a few thousand more this year.

I would add some additional observations; Bob in Marketing cannot reasonably be expected to be an internet publishing expert, even less can he be expected to be a security expert. Vendors must address security issues without delay.

Security should be part of your content management system. Don't have one? Get one.

We also need to lose this idea that simply because something is not properly locked down, it is ok to steal it.