Latest Threat To Your Corporate Network: Smoking Bans?

from the um...-what? dept

It’s amazing what kinds of things people will try to warn you about these days when it comes to computer systems. Following the warning about bird flu potentially taking down the internet now we apparently need to be aware that smoking bans may put company networks at risk. Apparently, over in the UK, they’re about to put in place a ban on smoking in workplaces (similar to bans that have been found in the US for many years). So, what’s the problem? Turns out those darn smokers leave the back door to their offices open so they can go in and out — and a crafty criminal can just walk right into the building and plug into the network. Of course, there are a few problems with this. First off, walking directly into an office is pretty risky. While some people can get away with it, it hardly seems like a common practice that your ordinary cybercriminal is going to try. Second, it seems ridiculous to blame the smoking ban for this rather than the people who leave the door open. It’s not the fault of the ban, but the workers who can’t learn to shut the door properly. Apparently, that doesn’t make for such a good headline, though.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Latest Threat To Your Corporate Network: Smoking Bans?”

Subscribe: RSS Leave a comment
Republican Gun says:

Front Door

The front door is good enough. I took my auntie to the large medical complex down the way and while I was there I noticed a tech accessing a panel that was hidden behind a plant. The tech left the panel off. Over the next few months of taking the auntie to the large medical complex down the way I was tempted to bring a laptop and take a looksey at the network, but then thought that was illegal.

Kyros (profile) says:

Hacking for Dummies in the first chapter recounts how the author had preformed security testing on a building (he was payed by the company to see if their network was secure by attempting to break into it) by walking in the front door, stopping by the security desk, saying he was there to work on the servers – at which point the front desk handed him a clearence badge and brought him to the server room and even logged on at the admin level for him. I don’t think it matters if the door is latched or unlatched.

Enrico Suarve says:

Change the doors then

If that worries you make the doors easier to use and get back in, or alarm them (even just making a noise after 10 seconds of being held open would help)

Years ago I used to work in a datacentre as a temp and used exactly this method to get in every day for 4 months, rather than stand in line every morning to get my new pass (the company had a farce of a procedure which involved me spending 5 minutes with a security guard every day while he checked various crap)

All went well for ages until we got audited and in the pre-audit someone asked me where my pass was

1st time I had been challenged in 4 months of working in a building of over 500 employees – I’d spent the rest of the time tailgating etc

So yeah if you’re convincing you can get away with a LOT once you’re in the door ;0)

566 says:

Re: Security Fusion

While this item may be over-emphasizing a bit point, it does point to, what I believe is, an emerging security trend – especially in the government space.

Stovepipes of cyber and physical security are being broken-down. Looks like the buzzword is “Security Fusion.”

For example, DHS will now have an emergency communications IT component in the next iteration of its TOPOFF exercise. Amazing to think that DHS was doing these large-scale COOP/COG simulations without any this communications component.


Angry Rvethead says:


All I can say is I never smoked cigarettes until they implemented smoking bans. Starting at about 12, I smoked cigars here and there. But in my late teens, they implemented a smoking ban at my college. Not being 21, I couldn’t go to a bar and have my stogie, and I wasn’t about to stand outside in a Vermont winter for 2 hours toking my Upmanns. Plus th cold air throws the taste off. So I started smoking premium cigarettes. I’m hella pissed Davidoff stopped importing his line 🙁 I miss the Magnums.

_Jon says:

Given that the smokers will be standing 6′ from the back door, I find it hard to believe that a hacker will be able to walk past them and into the building.

The front door security guard may be a dork, but most of us geeks know who we work with. We may be lazy – and not want to fix the mess a hacker makes – but we aren’t stupid.

Enrico Suarve says:

Re: Re:

Maybe you aren’t but plenty are trust me

In case you’re interested the real trick is to be smoking a cigarette yourself and be stubbing it out as they open the door to come out

Hold it open for them once they’ve turned the knob

I guarantee you very few people will stop you if you look confident enough – just another smoker going back in

Anonymous Coward says:

I think their might be some confusion here. Smoking bans have been in place for many years in the work place, except for bars, restaurants and private clubs.

What we are implementing now in the UK is a total ban on smoking anywhere in an enclosed public space. This means that all public places, including all pubs, restaurants, bars and private members clubs, will be smoke free from Summer 2007.

And to be honest it’s about time. These bans have been in place in other European countries for some years now but the UK just doesn’t want to lose tax money from tobacco, just in case people decide to quit smoking.

mikey (user link) says:


I’m a smoker, so I’m not a fan of smoking bans, but I can understand the want for them, I guess. Anyways, this claim of smokers leaving the back door open as a security problem is just out there.

I mean, if a company has a weak enough security system that people can just walk in and have access to everything, then they have more serious things to worry about anyway. Looking to blame smokers leaving the doors open (and attended even) shouldn’t be the first place to look. If these “security experts” were experts, they would know that modern offices use RFID badges, not just for the back (or any other) door but also for access to equipment rooms.

Ben Robinson says:

This is Silly

Whilst it’s true that a legal smoking ban in enclosed public spaces is due to come into force here in the UK in a few months the fact is that smoking in the workplace has been banned at a company level in most places for years. I can’t remember the last time i went to somehwere that is a place of work, where you could smoke.

Ryan Coleman (user link) says:

“While some people can get away with it, it hardly seems like a common practice that your ordinary cybercriminal is going to try.”

It’s actually very common in office towers etc. to have people walk in & grab latops/wallets etc. during office hours with people present – and this is in places where the only access is via passcode.

I’ve been surprised over the years how many times I’ve been in an office of another company and basically given free-roam over the space, including being let back into secure doors by simply knocking on the glass and simply saying “I’m just in a meeting down the hall”.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...