Friday, December 14, 2018

Enterprise Risk Management

Password
Catch 22



I HAVE A YAHOO EMAIL account I rarely use.

From time to time I log in to clean house. Mostly Yahoo fills up with spam.

It is the one email account that has a static password. (My “real” email accounts, ones that forward mail to my email consolidator — Outlook on Windows or Evolution on Linux — are elsewhere.)

Yahoo logo

THIS MORNING I tried to log on to the Yahoo account. Something went “bump in the night” and Yahoo had a problem with my password.

Not a problem.

Yahoo has a password recovery process.

The process requires a phone that has text messaging capabilities.

My phone’s text messaging is turned off.

In other words, I’ll never be able to clean out all the spam in my Yahoo account.

Eventually Yahoo will delete the account; that’s fine with me.

But as an Enterprise Risk Management practitioner, I have a problem with Yahoo’s procedure.

Even if my phones had text messaging, what happens if

    a. The phones are disabled?
    b. Lost?
    c. The number is changed?
or any other possibilities that would prevent receiving a text message?

Other emails have multiple options.

Granted, Yahoo has been around a long time.

Now it’s a unit of Verizon, along with what was AOL.

    I’ve had AOL and Verizon accounts, but my first email was a local, no frills *.us service.
Verizon acquired Yahoo in 2017, but apparently has failed to look closely at its functionality. The acquisition apparently was not to enhance Yahoo services but to add Yahoo marketing assets to Verizon.

Whenever I think of Yahoo I recall an old joke which ended with the question: “Are you still using that greasy kid stuff?” (I don’t recall the entire joke, but since it dates backs to my junior high days, it probably is not suited for a “G-rated” blog.)

I wonder if Yahoo ever had a risk management practitioner on staff and if if did, did anyone LISTEN to the practitioner? I’m certain Yahoo had IT Disaster Recovery and may have had Business Continuity, but enterprise risk management? Based on the password recovery options Yahoo lacks, my 2¢ are on “Never heard of Enterprise Risk Management at Yahoo.” I’m not even sure about Verizon.

    If Enterprise Risk Management is unknown at Verizon/AOL/Yahoo, it is not surprising. It never fails but to amaze me that some major organizations — including defense contractors — dismiss Enterprise Risk Management as a bothersome, no ROI, exercise, proving management is “penny wise and pound foolish.”

Yahoo is not losing a customer, but it is wasting storage space on email I never will see.

Pity.


PLAGIARISM is the act of appropriating the literary composition of another, or parts or passages of his writings, or the ideas or language of the same, and passing them off as the product of one’s own mind.

Truth is an absolute defense to defamation. Defamation is a false statement of fact. If the statement was accurate, then by definition it wasn’t defamatory.

Comments on Yahoo

No comments: