Ermm...what security?
Jan. 18th, 2007 08:25 pm![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
meijhen.livejournal.com posting in ![[community profile]](https://www.dreamwidth.org/img/silk/identity/community.png){kind=small}
techrecoveryOK, so maybe this isn't horrible and not TRULY stupid, but it's one of those things that makes you go....wtf?
BG: I am second-level support for an e-procurement solution -- users login to the website, click through to the eProc side, and can then happily order services & hardware through their company catalog. They must login to the front end first, and then the tool automatically validates when they go through to EP. However, because many users only use the whole solution to access the EP, they refer to the whole thing as "myEP." NOTE: I only support the EP portion, not the web front-end.
I received a ticket yesterday for a lady who wasn't able to login. Usually this is a web front-end issue, but the helpdesk just hears the words "myEP" and sends to us. Not really their fault, they got no training when this went live.
Severity 4 ticket, and I'm not even sure if I can do anything for her, so I send her a note and ask her exactly where she's receiving the error, blah blah blah.
I get a note back that says she doesn't know when I received this ticket, but this had been resolved "weeks ago," all snotty that this ticket has been open for ages or something. I doublecheck the ticket -- not only did I just receive it, but it had only been opened that day too. Hunh.
So I closed it, with a comment cut and pasted from the user's mail.
Today, get a ticket for the same lady. Only this time, it's a sev 2. And in the description it says, the lady who responded to me didn't realize that someone else (her admin) is actually trying to login as her to do her job for her, and the admin lady needs this resolved ASAP.
Um....WTF? Admitting in the ticket that you are committing a security violation (and these people both work for a HUGE bank in a country that is very hyper about security) is not usually a good way to get something done!
Luckily for me....she did clarify that the problem is with the web front-end and not the EP part...so I shipped it off to the other team, after putting a note in the ticket that I wasn't sure this was acceptable procedure.
Man. I wonder about people sometimes.
BG: I am second-level support for an e-procurement solution -- users login to the website, click through to the eProc side, and can then happily order services & hardware through their company catalog. They must login to the front end first, and then the tool automatically validates when they go through to EP. However, because many users only use the whole solution to access the EP, they refer to the whole thing as "myEP." NOTE: I only support the EP portion, not the web front-end.
I received a ticket yesterday for a lady who wasn't able to login. Usually this is a web front-end issue, but the helpdesk just hears the words "myEP" and sends to us. Not really their fault, they got no training when this went live.
Severity 4 ticket, and I'm not even sure if I can do anything for her, so I send her a note and ask her exactly where she's receiving the error, blah blah blah.
I get a note back that says she doesn't know when I received this ticket, but this had been resolved "weeks ago," all snotty that this ticket has been open for ages or something. I doublecheck the ticket -- not only did I just receive it, but it had only been opened that day too. Hunh.
So I closed it, with a comment cut and pasted from the user's mail.
Today, get a ticket for the same lady. Only this time, it's a sev 2. And in the description it says, the lady who responded to me didn't realize that someone else (her admin) is actually trying to login as her to do her job for her, and the admin lady needs this resolved ASAP.
Um....WTF? Admitting in the ticket that you are committing a security violation (and these people both work for a HUGE bank in a country that is very hyper about security) is not usually a good way to get something done!
Luckily for me....she did clarify that the problem is with the web front-end and not the EP part...so I shipped it off to the other team, after putting a note in the ticket that I wasn't sure this was acceptable procedure.
Man. I wonder about people sometimes.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
no subject
Date: 2007-01-19 03:59 am (UTC)no subject
Date: 2007-01-19 03:00 pm (UTC)no subject
Date: 2007-01-19 03:01 pm (UTC)Ummm... yeah.
no subject
Date: 2007-01-19 03:11 pm (UTC)