Tales of the Parodyverse >> View Post |
|
| ||||||
Subj: Re: Just one big merry-go-round. Life's so unfair. Posted: Sat Jun 06, 2009 at 09:44:41 am EDT (Viewed 476 times) | Reply Subj: Just one big merry-go-round. Life's so unfair. Posted: Sat Jun 06, 2009 at 07:07:47 am EDT (Viewed 473 times) | ||||||
Quote: How about the fact that my last two projects gave been Government work, my previous one required a security clearance and my new one requires the next security clearance up?That might do it. But even so, you'd think an advanced security government organization would set up a multi-tiered network. It's easy enough to do - disable all network protocols except IP, and then give the servers with sensitive data a different set of (non-routable) IP addresses than the internet connected ones. Then designate one computer as a router/firewall between the two networks, and a 2nd lesser firewall between the network and the internet. Voila, sensitive data that the internet can't access. And "cutting the link" is as easy as powering off the designated router computer, or pulling it's network cables. Quote: It's not just sales figures companies are worried about. Most companies hold personal (and personnel), confidential (and in some cases restricted and secret) data, and exposing that - however accidentally - can be a criminal offence. Any breach of security not only looks bad (and puts the next contract at risk), but can leave the company badly exposed.Any simple hardware firewall and non-routable IP range will protect personal data. My home network is protected that way (Airport Extreme and 10. address range). If you have strangers who don't know about safe web surfing, then add a software firewall that looks for viruses and has a blacklist. The part I disagree with is when they push it one step further and put in a "whitelist" firewall instead - i.e. only these company approved web sites are allowed to visit. Or they technically *have* internet access to serve *customers* outside the company, but everyone inside is blocked from using it. They always cite "security" as the reason, but it's really about control. They don't trust their employees, so they cut the web/email access, restrict telephone access, ban personal radios and music players and cell phones, put in cameras, and make sure the employees are at their desk every instant and have no choice but to work. The problem is, by my observations...it doesn't work. The ones who goof off will do so anyway, and the ones who actually work will feel miserable to be treated like prisoners. And yes, I did work for a company once who did all that unnecessarily. I should write a book about that. Or at least a guide. Quote: Also it's not just data exposure. I stopped visiting the board at work because some idiot had managed to let a virus into the network. It only took us two weeks of continuous effort to clear our part of the system out (physically checking each PC, cleaning it if infected, making sure the AV software was up-to-date and working). These things take a lot of time and effort to clear up afterwards.I've gone to great lengths to keep this site free of viruses - the software, for instances, intensely filters posted text to resist the posting of viruses (or even spam, which usually contains them). It has an HTML filter, which maybe I should apply for a patent on someday, that checks every HTML tag used to make sure it's allowed. The only thing I really can't protect are legitimate looking external links. Since I visit daily, if I even think there might be a virus I'd shut it down until it's cleaned up. | |||||||