GEEKNOTE: Caught!

GEEKNOTE:  Last fall, I talked a bit about a network monitoring system that we can install on a customer's network and gather some pretty detailed information about the computers and other devices on the network. This information comes in very handy in trying to figure out what machines need immediate attention as well as provide hardware and software inventories that could prove useful in the event of an insurance claim.

We installed one of these monitoring systems on a business network a couple of weeks ago. The word got out that we were monitoring the network and one of the weekend employees apparently suffered a guilty conscience, broke into the managers office and wiped the history on one of the notebooks that he had been using. 

Oops.  I'm not quite sure how this employee thought the manager wouldn't notice the fact that the notebook was no longer locked up. The manager noticed. I would not be surprised to hear that the employee isn't there anymore.

Computers leave quite a trail of clues when you use one to surf the Internet.  There are also software programs that can quietly track EVERYTHING that a computer does and save that information for later review. 

While I don't necessarily advocate tracking every employee as if they were an 11 year old boy in hormonal overdrive, the fact remains that business computers are exactly that... business computers. Business owners would be well advised to provide STRONG policies regarding personal use of business computers. If an employee fails to abide by those policies, they need to understand that they are making a career decision.

Why is this important?  There are several reasons:

1.  The risk of infection. Casual web surfing can and does introduce malware onto business machines and even the entire network. One ill-advised click and the machine is infected. If the bug is network aware, the entire network is at risk. If employees are allowed to use the company machines to visit non-business related sites, the risk goes up astronomically.

2.  The risk to the company's reputation. Publicity surrounding the discovery of porn or other unsavory images could destroy a company, especially if it's customers hold it to a high standard. Think school, church or christian radio station. If these images are illegal (eg. kiddie porn), the computers could be seized as part of a criminal investigation.

3.  The financial risk to the company if the company machines are found to be using unlicensed software that an employee installed without permission.  Penalties can easily run into tens of thousands of dollars per incident.

4.  The loss of business that could happen if customer credit cards or other sensitive date leaks out. There are some serious penalties in laws, such as HIPAA and SOX.

A little bit of advance planning and employee education can help prevent these sorts of things from happening.  I recommend that every employee be asked to read and sign a copy of the company computer policy. That way, they have no excuse if they abuse their right to use a company computer.

If you have a computer at home that you use for business purposes, you want to ban any pre-teen and teen children from using that machine for ANYTHING.  Buy them their own machine and isolate it from your business machine.  Consider it cheap insurance.

On that cheerful note, I'll sign off for this week.

Feel free to drop me a note or leave a comment here if you have any questions about your computer or your office network.

Rob Marlowe, Senior Geek, Gulfcoast Networking, Inc.

http://www.gulfcoastnetworking.com

(Rob also serves as deputy mayor of the City of New Port Richey. Opinions expressed here are his own and do not necessarily represent the position of the city.)