Computer security? It is your business. A reprise of a 2004 campus letter.

A Reprise of an Open Letter to WOSC Technology Users on Computer/Technology Security Dated February 11, 2004. This document is as pertinent today as it was then.  Your continual vigilance as end users is more important than ever to keep your computing and technology resources safe and in working order.  I will add a couple items to the 2010 version as there are more schemes and deceptions online than ever.  Please note the additions are posted in Bold Text Below:
1) Be diligent in upgrading your antivirus and antispyware software
2) Do not open emails in which you don’t know the sender
3) Be cautious in downloading anything from the internet
4) Hesitate before sharing or forwarding emails of unknown or questionable origin.
5) IT/LSS will never ask for your username and password over email.
6) Living in the moment online could have long term implications for your future and potentially your safety.  Be careful what pictures you post and what things you say online
7) Never, Ever, Ever, Never send a social security number, credit card number or other personal information via email.
An Open Letter to WOSC Technology Users regarding: 1) your diligence in upgrading your antivirus 2) in not opening emails in which you don’t know the recipient 3) in downloading anything from the internet  4) in sharing or forwarding emails of unknown or questionable origin.
As I sit here deep into the a.m. of Wed February 11, 2004 I look back at this week as a microcosm of the last five years of virus security and general network and telecommunications usage. On Monday February 9, 2004. I come into the office  and sat down planning to resolve one of normal everyday frustrations of you the average campus technology user.  Instead I am greeted by the voice of Ted of outofthisworldhosting.com of Gainsville Tennessee (the names have been changed in case… or maybe because this is a small small small world and this could be your cousin or brother) who is muttering something about them preferring not to take legal action and a system on our end is attempting to overwhelm one of their systems blah, blah, blah.  I say, “so a system with one of our addresses is attacking your system”  to which he replies, “ I didn’t want to use the word attack, but if you must…..”  He provides me some information from his logs that no normal person is interested in and we ‘telecommunicatively’ part ways for the time being with me agreeing to keep him posted.
Since legislation related to many of the digital issues of our modern world is a bit, or byte or packet behind reality I  have at that moment no exact picture of the reality of  his ability to pursue legal recourse.  I simply say unto myself “I believe I need to do unto others as I would like him to do unto me” which in this case is help my telecommunications brethren. At this point I contact what some of you the end users refer to as the “techie boys” usually Steve, Brian,  and /or Joe, in this case all of the above.We meet  briefly and the follow up with several emails discussing our strategy for resolving the issue.  Now they up until this point are merrily working on one of the multitude of projects, which are deemed to be, by you, (the end user) as the most mission critical event of the moment.
Within the first 15 minutes of the first phone call “the techie boys” track down information, which tells us the attacker, is possibly in the dorms and which we hypothesize is most likely from a computer which has become the home of a virus.  I subsequently take the email from our telecommunications provider, OneNet, notifying us of a “network usage abuse” from the party noted above.  They too are  requesting a reply and notification of our receipt of the message and that we need to report how we will resolve the issue or they will …….. have to “shutter our telecommunications window.”
I do the required notifications and go beyond the call of duty to update and notify outofthisworldhosting.com of our intentions and strategy for resolving the issue.  I then talk to a couple of our administrators notifying them of a potential problem and of our strategy for resolution.  At this point we are 2.5 hours into day and guess what………no other mission critical event of the moment is being worked on by myself …….or the techie boys.  I get up head to the cafeteria for my morning jolt of caffeine and am subsequently confronted by at least two hallway notifications that their or somebody else’s work order has not been completed or acknowledged or that they can’t ever find someone to help with some technical issue.  I reply I will check into, I get my caffeine and return to the desk.  I again check with the “techie boys” who are still working on our virus issue and not working on the other various mission critical events of the moment to get an update.  I actually do one task related something other than the aforementioned virus events and it is time for lunch.  By the end of the day the “techie boys”    have still not totally tracked down the culprit but have at least narrowed down the possibilities.  Again, however it must be noted that at least 4 full time FTE employees have committed at least (7 hours x 4 FTE) 28 clock hours to the task of resolving an unanticipated virus issue.
We return on Tuesday February 10, 2004 with again much of the morning’s time and effort committed to tracking down and locating the issue discussed in the previous text. The issue becomes stickier as it not only involves our campus network, but AOL through a dial up account which is issue which envokes the reworking of our campus network use policy(2010 NOTE: I wish I remembered all of the details here.  I will have to dig deeper to see what I can find).   Additionally questions arise related to this event that will involve $$$,  Do we, or can we force them, the dorm user, to purchase antivirus as that is not specifically written into our dorm access policy? Do we provide it for them and up their access fee?  Do we provide it and not up the access fee?
Then suddenly its time for the Campus Staff All Staff meeting and you know what the issue is still not totally resolved and once again the other various mission critical events of the moment are not resolved  least (13 hours x 4 FTE) 52 clock hours later.
I submit this tale as a reminder to you that the internet in all of its apparent glory is democracy in its purest form, it is the wild west of the modern world it is all of these things and more.  The tale is not that uncommon in our workday, however I don’t always tell you.  If we have a major issue that must be addressed and resolved such as Kazaa, Napster or one of the other file sharing programs you may hear about it.  However, we generally try to let this resource operate behind the scene.  You see the privilege of the resource,  you don’t always see the price for making it transparent.
I am again asking for your help in watching your email and web research.  I am asking you to be careful about the types of resources you look at on the internet.  I am asking that you ask yourself if what you are doing is work related.
There are some technical issues that come about that you can do nothing about, but again when one of us sends a message about a virus or a telecom issue that you do take notice.
I send this encouraging you to be ever vigilant about these issues to again show that one little virus or security issue can consume the days of 2, 3 or even 4 of our personnel causing those things that are near and dear to you (and productive) to be delayed.  Some security related issue happens every couple of weeks if not every week.   It has changed our (information services) workload significantly.  Although we have automated protection process and invested in tools to automate protection we still spend probably 20- 25% of our time addressing issues related to network security and viruses and it does take away from the various other productive mission critical events of the moment.  Five or six years ago this was a non-issue.