Jun 24, 2016 09:58
A significant portion of my job involves accessing sites and systems that require identity and encryption certificates. Those reside on a usb token. Those same certificates are used in sending/encrypting email messages, which is something else I have to do at times.
Yesterday, I called the helpdesk because I was getting a certificate expired error when trying to send an encrypted email. That was odd, since the certs are valid through late next year. So the IT guy tried to fix the issue. What he ended up doing was deleting the certificates from the usb token. That's a bad thing. They're basically toast now, meaning I've no access to systems I need to use daily. I'm unable to do something like 80% of my job. I have to apply for a new set of 'em, which is a bit of a hassle.
What makes it even more annoying was that I asked if I should remove the token before attempts were made to get the email thing working. The guy insisted that the tokens are write protected, so there'd be no risk. I wasn't too sure about that, but then, hey, he's supposed to be the pro and all.
So, yeah. The lesson from this is to not let our IT department anywhere near one's workstation when something important is involved.