Friend-LINK: <%=INSERTTEXT%>
October 26, 2001
Protection
© 2001, Douglas E. Welch
|
|
With the release of the recent Nimda Worm/Virus and hints of more electronic vandalism to come, your role as a high-tech careerist is becoming that of protector, more and more. If you want to maintain your status and your career, you need to watch out for those people and companies you serve.
While you are probably not used to thinking of yourself as a high-tech defender, the realities of the technology world will require that you assume this role. How you do it is up to you, but I guarantee you that any high-tech worker that doesnt assume this role could end up out of a job. It only takes one major virus infection, one hacker incursion or one natural disaster to put you out of work. Your clients or co-workers depend on your vigilance as they often do not have the ability to protect themselves. They are more worried about doing their jobs and not computer security. This is one of the main reasons you have a job.
The protection you provide can take many forms; research of new attacks, newsletters and other reminders to upgrade software, testing of vulnerable systems, review of system logs and a constant vigilance for anything that seems out of place. You are the front line defenses for your clients. In a perfect world, you would discover almost any problem before the end user. In our world, though, you should, at least, be one of the first to know.
Once you learn of an issue, it is important that you have already formulated plans on how to deal with the issue. You need to spend some time developing actions plans for the various issues that might arise. Developing these plans ahead of time allows you to think clearly and carefully about all the ramifications of the issue instead of trying to develop an attack plan in the heat of battle.
Part of any good plan is also prevention. There are a number of ways to protect the computer systems under your protection. Preventing a virus infection or a hacker incursion is always less work than correcting the problem after it occurs. Prevention enhances peoples respect for you and your career. Correcting a problem might gain some praise, but it also might lead others to question why the problem occurred in the first place.
Whether you work for a small company of 10 or a large corporation of thousands, there are a few basic actions you can take today to start protecting your computer systems and your co-workers data.
Start with users data. This is always the most important information and cannot be easily replaced if lost. Next, back up complete system configurations. This allows you to easily restore the configuration to a damaged system or an entirely new system, if required
There is no excuse for being infected with an old virus and little excuse for being infected with even the most recent creations. You should keep informed of the latest threats and update virus software accordingly. There are variety of web sites and mailing lists that can give you up to the minute reports of new viruses as they are found.
Remove guest access accounts, restrict users to their own files and shared groups. Help users choose passwords that are at least moderately secure, but that are still easily remembered. Remove users access as soon as employees leave the company. Set any temporary accounts so that they expire automatically.
Create newsletters and emails that keep computer security at the forefront of users minds. We all can become lax in our vigilance over time and can always use a refresher.
Access logs for file servers, web servers, mail servers and others can be long and complex, but they can provide important details regarding possible attacks on your systems. Develop your own tools for monitoring access logs or research commercial and shareware utilities that can assist you.
Again, there are many mailing lists and web sites that can help
you stay informed of security issues. If you dont have the authority
to install software patches, work with your managers to gain that
authority. The ability to respond quickly to security threats
could mean the difference between staying in business or losing
your business.
While protecting the computer systems under your watch has always been a part of a high-tech career, in these days, it has become one of most important tasks. Dont let your high-tech career suffer due to inattention to virus and security issues in your company.
Douglas E. Welch is a freelance writer and computer consultant
in Van Nuys, California. Readers can discuss career issues with
other readers by joining the Career Opportunities Discussion on
Douglas' web page at: http://www.welchwrite.com/dewelch/ce/
He can reached via email at douglas@welchwrite.com
<%=INSERTTEXT%>
|
<%=INSERTTEXT%> |