I don't work in IT, I'm probably the guy IT hates, the script kiddie :) A while back I created a little site that used PHP/Java that plugged coordinates of my company's offices from a basic SQL server table. It uses the Google maps API to let you search a location and then populate the closest geographical branch locations to whatever area was returned from the search. Accounting associates loved it.
Eventually it was realized that this was hosted on my own site and I was in quite a bit of trouble for this by my boss, not any network admin or anything. The reason according to her statement being:
1. It is a “Security breech to the companies sensitive data”.
2. An outside host could have the potential of an unwanted virus.
As for number one, the only data used is the exact same data available on our companies public web site.
Now for number two... I can't say it isn't possible. I've always been under the impression that you can get malware from any site. I just don't like that I'm being called on this as if it's something worse than the millions of useless unblocked sites their employees hit everyday. So my questions are:
What exactly are the risks with what I've done?
Is this worse than things like Imeem.com their employees hit everyday?
Am I wrong in my assumption, that calling me out and loading up my yearly mockery of an evaluation with bad remarks regarding this, is absurd?
If I am not wrong in being upset at this, do you know of any reference material I could use in my defense?