https://community.isc2.org/t5/Industry-News/Wendy-s-collects-fingerprint-data/m-p/14970#M1629 &gt; Early_Adopter (Advocate I) posted a new reply in Industry News on 09-25-2018<BR /><BR />&gt; &nbsp; Lastly,<BR />&gt; while I'm sure there are good protocols for hygeine in Wendy's, do you<BR />&gt; really want to use fingerprint sensors that everyone must touch in restaurants?<BR />&gt; You might cause other issues by building a mandatory vector for infection of the<BR />&gt; non-cyber kind into your employees daily routine<BR /><BR />All employees must wash hands after signing in. Then sign in again, and wash<BR />hands again ...<BR /><BR />====================== (quote inserted randomly by Pegasus Mailer)<BR />rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org<BR />Geeez, Erwin. He wasn't even armed.<BR />I don't care. I have lots of ammo and he was wearing a tie.<BR />- <A href="http://ars.userfriendly.org/cartoons/?id=20010209" target="_blank">http://ars.userfriendly.org/cartoons/?id=20010209</A><BR />victoria.tc.ca/techrev/rms.htm <A href="http://twitter.com/rslade" target="_blank">http://twitter.com/rslade</A><BR /><A href="http://blogs.securiteam.com/index.php/archives/author/p1/" target="_blank">http://blogs.securiteam.com/index.php/archives/author/p1/</A><BR /><A href="https://is.gd/RotlWB" target="_blank">https://is.gd/RotlWB</A> Wed, 26 Sep 2018 01:49:00 GMT rslade 2018-09-26T01:49:00Z https://community.isc2.org/t5/Industry-News/Wendy-s-collects-fingerprint-data/m-p/14951#M1625 <P>I was surprised to note that Wendy's is facing a <A href="https://nakedsecurity.sophos.com/2018/09/25/wendys-faces-class-action-over-collecting-staff-fingerprints/" target="_blank">class-action lawsuit over its practice of collecting employee fingerprint data</A>.</P><P>&nbsp;</P><P>Particularly since I was astounded to learn that Wendy's was collecting the data in the first place.&nbsp; Why would you?</P> Mon, 09 Oct 2023 08:57:28 GMT https://community.isc2.org/t5/Industry-News/Wendy-s-collects-fingerprint-data/m-p/14951#M1625 rslade 2023-10-09T08:57:28Z https://community.isc2.org/t5/Industry-News/Wendy-s-collects-fingerprint-data/m-p/14959#M1626 <BLOCKQUOTE><HR /><a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/1324864413">@rslade</a>&nbsp;wrote:<BR /><P>Why would you?</P></BLOCKQUOTE><P>The motivation is to&nbsp;prevent one employee from clocking in on behalf of another and to eliminate the problem of badges being left at home.</P> Tue, 25 Sep 2018 21:31:05 GMT https://community.isc2.org/t5/Industry-News/Wendy-s-collects-fingerprint-data/m-p/14959#M1626 denbesten 2018-09-25T21:31:05Z https://community.isc2.org/t5/Industry-News/Wendy-s-collects-fingerprint-data/m-p/14968#M1628 <P>Looks like the specific problem the proposed lawsuit addresses was lack of informed consent and specificity on the ‘why’ things were being done, as well as sharing with the vendor.</P><P>&nbsp;</P><P>On the&nbsp;motivations as&nbsp;<a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/311867713">@denbesten</a>&nbsp;posited&nbsp;if the technology is not so much being used to provide strong MFA to protect identity in conjunction with badges, but potentially instead off or incase someone forgot theirs or tried to impersonate someone....&nbsp;I’ve no data, but on the surface does seem like a bit of a sledge hammer being used to crack a nut. Just have a mandatory policy on badges, make them displayed, and have a reporting process if they are missing.</P><P>&nbsp;</P><P>Is an employee/shift team really going to cover for someone not turning up on a busy shift and pre-arrange to take their badge so they can be clocked in? This is a hard job with constant work, missing folks might not be popular.</P><P>&nbsp;</P><P>Lastly, while I’m sure there are good protocols for hygeine in Wendy’s, do you really want to use fingerprint sensors that everyone must touch in restaurants? You might cause other issues by building a mandatory vector for infection of the non-cyber kind into your employees daily routine&nbsp;</P> Wed, 26 Sep 2018 00:24:22 GMT https://community.isc2.org/t5/Industry-News/Wendy-s-collects-fingerprint-data/m-p/14968#M1628 Early_Adopter 2018-09-26T00:24:22Z https://community.isc2.org/t5/Industry-News/Wendy-s-collects-fingerprint-data/m-p/14970#M1629 &gt; Early_Adopter (Advocate I) posted a new reply in Industry News on 09-25-2018<BR /><BR />&gt; &nbsp; Lastly,<BR />&gt; while I'm sure there are good protocols for hygeine in Wendy's, do you<BR />&gt; really want to use fingerprint sensors that everyone must touch in restaurants?<BR />&gt; You might cause other issues by building a mandatory vector for infection of the<BR />&gt; non-cyber kind into your employees daily routine<BR /><BR />All employees must wash hands after signing in. Then sign in again, and wash<BR />hands again ...<BR /><BR />====================== (quote inserted randomly by Pegasus Mailer)<BR />rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org<BR />Geeez, Erwin. He wasn't even armed.<BR />I don't care. I have lots of ammo and he was wearing a tie.<BR />- <A href="http://ars.userfriendly.org/cartoons/?id=20010209" target="_blank">http://ars.userfriendly.org/cartoons/?id=20010209</A><BR />victoria.tc.ca/techrev/rms.htm <A href="http://twitter.com/rslade" target="_blank">http://twitter.com/rslade</A><BR /><A href="http://blogs.securiteam.com/index.php/archives/author/p1/" target="_blank">http://blogs.securiteam.com/index.php/archives/author/p1/</A><BR /><A href="https://is.gd/RotlWB" target="_blank">https://is.gd/RotlWB</A> Wed, 26 Sep 2018 01:49:00 GMT https://community.isc2.org/t5/Industry-News/Wendy-s-collects-fingerprint-data/m-p/14970#M1629 rslade 2018-09-26T01:49:00Z