Firewall Wizards mailing list archives
RE: Killing Napster and beyond...
From: "Andy Wigglesworth" <jawiggy () rcn com>
Date: Wed, 25 Oct 2000 21:02:43 -0400
Policy...Policy...Policy. The place to start all of this is with the development of corporate polices for Internet, computer and e-mail usage. The plain and simple fact of the matter is this... You can throw all the technology you want to at the problems but all you are doing, without polices in place, is being reactive to the problem and not proactive. Most of your end users truly believe that the computers sitting on their desks belong to them. And since it belongs to them they can load, play, and do anything they want to do on them. Of course the fact is that that PC belongs to the company and everything they do with and/or on that computer reflexes, good or bad, on the company. With that said, how many of you can tell me when the last time you saw your policy on Internet usage....how about e-mail usage?...computer usage? How many of you have set policies on your firewall that isn't put onto a written policy anywhere. In most companies, if there is indeed any type of policy at all, it is hidden away in the back of the employee handbook, sort of as a afterthought. It is then signed by the employee, given to HR, and thrown into the employees file, never to been seen again. Do you think that the employee even read it? I doubt it, in most cases anyway. Sort of like a licensing agreement for software...it's a click through. They are not paying it much mind....just let me sign it and get on with it. Where most companies fail in policy development is with educating the end users in regards to the policies. Lets build a little scenario for you. Joe in accounting has been going to web sites that the company has decided to be inappropriate for Joe to go to. Joe has been warn ( talk to) to stop yet he has not. Joe is fired. Joe turns around and sues the company for wrongful termination. The reason, Joe says, is that he was unaware of the company polices in regard to this. What the courts are going to look for are the following: Were there polices in place to begin with....Yes there was Were there tools put in place to enforce the polices....Yes there was Were there any form of education for the end users in regards to the policies beside the company handbook that Joe was given when he was hired. No, there wasn't Development of these polices is your first line of defense. Then making sure your end users are educated in regards to the policies is of equal importance. Policy education is the missing part of most companies security outline. I truly believe that if your users know and understand the polices that 70% of them will do the right thing and follow them. Then it is the other 30% that you are going to have to take out to the wood shed. If you want to make your CEO happy...remember this. That in the end, when the day is done, he is responsible for the actions of his employees. It is not the name BEFORE the @ sign that will get sued and the name AFTER. Best, AW -----Original Message----- From: firewall-wizards-admin () nfr com [mailto:firewall-wizards-admin () nfr com]On Behalf Of David Hassilev Sent: Thursday, October 19, 2000 2:01 PM To: todd () stipples com; dufresne () sysinfo com Cc: firewall-wizards () nfr com Subject: Re: [fw-wiz] Killing Napster and beyond... I keep seeing these posts regarding Napster and its ilk. These are NOT network problems IMHO! Nor does their control need to be pushed out at the perimeter of the network. Rather, they should be controlled where you CAN control them, on the desktop! This is what change control is all about, standard desktop image deployments, regular audits etc.. If you have a Firewall and you are serious about managing it, then you MUST have a security policy! Surely the security policy prohibits users from installing the likes of Napster on their desktop. That said, get the tools to monitor or control the desktops, or simply enforce by policy. That should keep the poor firewall slob from beating his/her head against the proverbial wall every time and application pops up that circumvents the firewall from the inside out. David _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Killing Napster and beyond..., (continued)
- Re: Killing Napster and beyond... Bruce M. Walker (Oct 19)
- Re: Killing Napster and beyond... R. DuFresne (Oct 18)
- Re: Killing Napster and beyond... Brad Van Orden (Oct 19)
- RE: Killing Napster and beyond... David O'Shea (Oct 19)
- Re: Killing Napster and beyond... R. DuFresne (Oct 19)
- RE: Killing Napster and beyond... Alan Young (Oct 19)
- Re: Killing Napster and beyond... Robert Collins (Oct 20)
- Re: Killing Napster and beyond... spiff (Oct 20)
- Re: Killing Napster and beyond... Joseph S D Yao (Oct 23)
- Re: Killing Napster and beyond... Brad Van Orden (Oct 19)
- Re: Killing Napster and beyond... David Hassilev (Oct 19)
- RE: Killing Napster and beyond... Andy Wigglesworth (Oct 27)
- RE: Killing Napster and beyond... Jürgen Nieveler (Oct 19)
- RE: Killing Napster and beyond... Harris, Tim (Oct 19)
- Re: Killing Napster and beyond... Vern Paxson (Oct 19)
- Re: Killing Napster and beyond... Brad Van Orden (Oct 19)
- Re: Killing Napster and beyond... Darren Reed (Oct 20)
- Re: Killing Napster and beyond... R. DuFresne (Oct 20)
- Re: Killing Napster and beyond... John McDermott (Oct 20)
- Re: Killing Napster and beyond... Brad Van Orden (Oct 19)
- RE: Killing Napster and beyond... Zarcone, Christopher (Oct 19)
- RE: Killing Napster and beyond... Barry Dykes (Oct 20)
- RE: Killing Napster and beyond... David O'Shea (Oct 20)
(Thread continues...)