Part 4 in a 6-part series by Mark Robertson, Social Engineering Consultant and CTO
Outsiders are easily and understandably thought to be the biggest threat to security. But we’ve learned from the Clueless Savant in the last issue that this is not necessarily true. In fact, he has a co-worker named Norm Al who is the typical user profile on the network.
Understand the elements of building and maintaining a secure environment: Scan, Process, Deploy, Report, Manage
Editorial Corner
Watch out, falling dominoes ahead
It's happened to all of us. An employee prints a hundred pages. Such a situation doesn't always happen because of a large or graphics-heavy print job, but because Mr. Normal Employee keeps clicking the printer icon thinking the network is messed up. Soon, the network is slowing down and jammed with employees who go surfing during launch hour. It's a domino effect as this month's feature covers the adventures of Norm Al.
It's not enough that we have to worry about the security issues with passwords, people bringing stuff from home, downloads from the Internet, and so on; but we also have to worry about an invisible security, the wireless network, and readers advise on how to deal with it.
Let us know if we're operating on high scoring dominoes or if we're as valuable as a domino with two dots by taking the short reader survey, and as a thank you for your time, we'll enter your name in a drawing where you could win a PAIR of Garmin Rino 110 GPS. Those dominoes topple easily, let's watch our step out there.
Best, Meryl K. Evans Editor
To unsubscribe instantly or change your preferences, see links at the bottom …
Reader
Survey
Complete
our
1-minute reader survey and you could
win a PAIR of Garmin Rino 110 GPS.
Congratulations to this month's winner:
John O'Donnell, Consultant - Penn State Univ PENNTAP
Here’s how administrators can combat threats to
their network: “To automate patching tasks, large districts might look at Shavlik Technologies' HFNetChkPro package, which has an impressive ROI."
The promises of wireless
devices in the enterprise are many. However, it also seems that the security
risks are huge... Wireless traffic is easily recorded; passive eavesdroppers can
gather proprietary information, logins, passwords, intranet server addresses,
and valid network and station addresses; intruders can steal Internet bandwidth,
transmit spam or use your network as a springboard to attack others. The list
goes on and on ...
We would like to figure
out a way to use WLAN and WWAN technology without compromising our security.
Depending on with whom I talk, the solution either seems simple (use existing
security techniques and policies) or complex (start from scratch) or impossible
to secure.
Do we 1) modify what we
currently do, 2) implement a whole new security program or 3) just outright ban
using the WLAN and WWAN? If we don't ban them, how do we protect ourselves?
We support hundreds of servers with at least 50 different application owners. They never want their servers rebooted. How do you schedule server reboots (a regular maintenance windows or some other method)?
