Security: Easy to Preach, Pretty Hard to Practice

Rein Krul

Rein Krul

Published: 13 October, 2015

Recently I registered for an IT Security event, hosting trade shows and seminars addressing IT-security. After registration and logging in on their website with the credentials which were sent to me (by e-mail, in plaintext) something occurred to me: I was missing the 'green lock' in my browser's address bar (green lock). It turns out that the website happily lets you fill in your personal information and credentials over an unencrypted HTTP connection. Worse: it doesn't even support HTTPS at all. How can an organisation which is dedicated to IT-security justify such a potential information leak?

Once more it became clear to me that security is easy to preach, but pretty hard to put into practice.

Did you enjoy reading?

Share this blog with your audience!