about this column.
Ocotber 18, 2002
© 2002, Douglas E. Welch
The longer I work in high-tech, the more distressing I find the environment in which we are all forced to work. In this case, though, I am not talking about a bad work environment and bad managers. I am talking about a high-tech environment where all computer systems, large and small, are under constant attack from both inside and outside. Instead of spending your time developing new ways to increase productivity and profits, you are engaged in a running battle against viruses, crackers, worms and a host of other problems. It seems certain that if you decide to continue to work in high-tech you will be spending even more of your time on these issues.
If you are anything like me, these constant attacks can quickly grow from simply bothersome to outright destructive. Even when you succeed in keeping the electronic "taggers" at bay, your time and energy are quickly lost. The constant litany of software patches, bug fixes, virus cleanup and more simply begins to take most of your time. Instead of prepping the new database server, you are recovering files. Instead of teaching that class on MS Word, you are removing a Word virus. Instead of doing high-tech work, you are cleaning up after other people who have decided that you have nothing better to do. As frustrating as this might sound and feel, in order to develop a successful high-tech career you must find ways to limit the effect that prying eyes (and fingers) have on your systems and your sanity.
There are several ways to help you keep a handle on the challenges you will face. They wont stop every problem from occurring, but might succeed in freeing enough time for you to get actual, productive work accomplished. That said, security is an important issue. In fact, it is so important that anyone who willfully ignores it might find themselves out of a job. You cannot ignore the need to update software, close firewall holes and clean up viruses, but you should work to reduce the demands they place on your time.
Of course, you might find that you enjoy working on computer security issues. If so, you can specialize in this area. Personally, I would welcome someone who could free me from some of the more intensive security tasks with some of my clients so that I might return to work that better suits my interests. If your current position is a less than perfect fit, you might consider security as one possibility to enhance your career.
If you only have yourself to rely on, though, here are some basic rules to help make your security life a but easier. You probably already perform some of these tasks, but I restate them here as a reminder to you and an introduction to the newer high-tech careerists among us. In the day-to-day battle of computer security, we can all get a little tired and let our guard down.
- Download and install all operating system updates (security-related or not) as soon as possible.
- Every system should automatically check for updates on a weekly basis as a minimum.
- Automatic updates free your time for dealing with actual problems and can protect systems when you are not available.
- Check for, download and install anti-virus updates on a weekly basis
- Every single computer system under your care should have some anti-virus software installed and updated. Virus cleanup and recovery are some of the most time consuming tasks for a high-tech worker.
- Install and actively manage a firewall (hardware or software) on all Internet connections.
- This might also include adding a firewall to machines in home office/small office situations.
- Dont expose any machine to the outside world unless there is a clear purpose for doing so, i.e. web server
- Consider installing a VPN (Virutal Private Network) to provide more secure access from the outside world.
- Monitor all logs for signs of attack and/or penetration
- You dont have any idea how many attacks are being launched against your systems until you install a firewall or browse your log files. These are your first line of defense and should be checked regularly for any signs of suspicious activity.
- Select easy to remember, yet secure passwords for all network services and hardware devices.
- These include network logins, user accounts on individual PCs, router passwords, VPN passwords, etc.
When you set up any system, take care to follow these rules, and others you will develop on your own. The time gained by protecting yourself BEFORE there is a problem will be paid back a hundredfold. This will benefit not only your company or clients, but also you and your high-tech career.
Click here for Acrobat (PDF) Version of this column
about this column.
Douglas E. Welch is a freelance writer and computer consultant in Van Nuys, California. Readers can discuss career issues with other readers by joining the Career Opportunities Discussion on Douglas' web page at: http://www.welchwrite.com/dewelch/ce/
He can reached via email at firstname.lastname@example.org
Also on Welchwrite.com