Thursday, April 12, 2007

More thoughts on security and the Internet

The SANS Institute (a trusted source for network security information and research) annually publishes the top 20 Internet security threats

Internet Explorer generally tops the list. Does that mean we stop using IE as a browser? IM is listed, same questions. Carrying that thinking further, to be the most safe we should not be on the Internet at all. That would not make sense. The Internet is a very valuable resource.

However, in providing access to the Internet in our libraries we have to be aware of the threats and do all we can to protect our systems and inform our users on safe Internet usage, both at our institutions and at home.

Viruses and worms have proliferated because people are unaware of actions they can take to make their systems more secure.

Two weeks ago we got a call from one of our staff that their PC identified a virus after opening up a web page from a popular weekly political newspaper. We asked staff to avoid the site until we could verify that the web server was clean. I contacted the company to let them know of the problem. Never heard back, so the next day I checked their site on a DeepFreeze protected computer. It looked clean so we gave the go-ahead for staff. Last week our staff PC's were catching viruses again from the same website. I contacted the company again and even spoke to the managing editor and left a message with their web consultant. I was given word later from the editor that the problem was resolved. Staff were again given the go-ahead. Today, you guessed it, their site is infected again. I can only assume that whomever is maintaining their website is unfamiliar with the security settings and patches necessary to maintain as safe website.

No comments: