Friend-LINK: <%=INSERTTEXT%>

 

 

A Weekly ComputorEdge Column by Douglas E. Welch

 

 

 

 

Back to Archive Index -- Go to WelchWrite.com

about this column.

October 26, 2001

Protection

© 2001, Douglas E. Welch

If you liked this Career-Op column, please consider a payment of $1 using PayPal.
Make payments with PayPal - it's fast, free and secure!

With the release of the recent Nimda Worm/Virus and hints of more electronic vandalism to come, your role as a high-tech careerist is becoming that of protector, more and more. If you want to maintain your status and your career, you need to watch out for those people and companies you serve.

To Protect and Defend

While you are probably not used to thinking of yourself as a high-tech defender, the realities of the technology world will require that you assume this role. How you do it is up to you, but I guarantee you that any high-tech worker that doesn’t assume this role could end up out of a job. It only takes one major virus infection, one hacker incursion or one natural disaster to put you out of work. Your clients or co-workers depend on your vigilance as they often do not have the ability to protect themselves. They are more worried about doing their jobs and not computer security. This is one of the main reasons you have a job.

The protection you provide can take many forms; research of new attacks, newsletters and other reminders to upgrade software, testing of vulnerable systems, review of system logs and a constant vigilance for anything that seems out of place. You are the front line defenses for your clients. In a perfect world, you would discover almost any problem before the end user. In our world, though, you should, at least, be one of the first to know.

Quick Response

Once you learn of an issue, it is important that you have already formulated plans on how to deal with the issue. You need to spend some time developing actions plans for the various issues that might arise. Developing these plans ahead of time allows you to think clearly and carefully about all the ramifications of the issue instead of trying to develop an attack plan in the heat of battle.

Part of any good plan is also prevention. There are a number of ways to protect the computer systems under your protection. Preventing a virus infection or a hacker incursion is always less work than correcting the problem after it occurs. Prevention enhances people’s respect for you and your career. Correcting a problem might gain some praise, but it also might lead others to question why the problem occurred in the first place.

Where to start

Whether you work for a small company of 10 or a large corporation of thousands, there are a few basic actions you can take today to start protecting your computer systems and your co-workers data.

  1. Backup as much information as possible.

    Start with users data. This is always the most important information and cannot be easily replaced if lost. Next, back up complete system configurations. This allows you to easily restore the configuration to a damaged system or an entirely new system, if required

  2. Install virus protection on EVERY computer system and update it regularly

    There is no excuse for being infected with an old virus and little excuse for being infected with even the most recent creations. You should keep informed of the latest threats and update virus software accordingly. There are variety of web sites and mailing lists that can give you up to the minute reports of new viruses as they are found.

  3. Review/create password policies and access settings

    Remove guest access accounts, restrict users to their own files and shared groups. Help users choose passwords that are at least moderately secure, but that are still easily remembered. Remove users access as soon as employees leave the company. Set any temporary accounts so that they expire automatically.

  4. Inform users immediately of any new threats and basic computer security practices. Remind users regularly about computer security.

    Create newsletters and emails that keep computer security at the forefront of users minds. We all can become lax in our vigilance over time and can always use a refresher.

  5. Review access logs for odd usage

    Access logs for file servers, web servers, mail servers and others can be long and complex, but they can provide important details regarding possible attacks on your systems. Develop your own tools for monitoring access logs or research commercial and shareware utilities that can assist you.

  6. Stay aware of security patches and install security patches to all software immediately.

Again, there are many mailing lists and web sites that can help you stay informed of security issues. If you don’t have the authority to install software patches, work with your managers to gain that authority. The ability to respond quickly to security threats could mean the difference between staying in business or losing your business.

While protecting the computer systems under your watch has always been a part of a high-tech career, in these days, it has become one of most important tasks. Don’t let your high-tech career suffer due to inattention to virus and security issues in your company.

 

about this column.

Douglas E. Welch is a freelance writer and computer consultant in Van Nuys, California. Readers can discuss career issues with other readers by joining the Career Opportunities Discussion on Douglas' web page at: http://www.welchwrite.com/dewelch/ce/

He can reached via email at douglas@welchwrite.com

Book Recommendation

Browse the WelchWrite Bookstore

<%=INSERTTEXT%> 

 

Also on Welchwrite.com

<%=INSERTTEXT%>