The SANS Institute (a trusted source for network security information and research) annually publishes the top 20 Internet security threats
Internet Explorer generally tops the list. Does that mean we stop using IE as a browser? IM is listed, same questions. Carrying that thinking further, to be the most safe we should not be on the Internet at all. That would not make sense. The Internet is a very valuable resource.
However, in providing access to the Internet in our libraries we have to be aware of the threats and do all we can to protect our systems and inform our users on safe Internet usage, both at our institutions and at home.
Viruses and worms have proliferated because people are unaware of actions they can take to make their systems more secure.
Two weeks ago we got a call from one of our staff that their PC identified a virus after opening up a web page from a popular weekly political newspaper. We asked staff to avoid the site until we could verify that the web server was clean. I contacted the company to let them know of the problem. Never heard back, so the next day I checked their site on a DeepFreeze protected computer. It looked clean so we gave the go-ahead for staff. Last week our staff PC's were catching viruses again from the same website. I contacted the company again and even spoke to the managing editor and left a message with their web consultant. I was given word later from the editor that the problem was resolved. Staff were again given the go-ahead. Today, you guessed it, their site is infected again. I can only assume that whomever is maintaining their website is unfamiliar with the security settings and patches necessary to maintain as safe website.
Showing posts with label internet security. Show all posts
Showing posts with label internet security. Show all posts
Thursday, April 12, 2007
Wednesday, April 11, 2007
Week 2, Exercise 2: IM
I've had an AOL IM screen name since the late 90's (askcalif) For awhile I was using it a lot to chat with friends and relatives. I also had an ICQ number, but only used it for a couple of months. The last couple of years I didn't bother even opening up chat in the evenings when I turned on my home computer to check email. I just got a new computer and haven't bothered to install the AIM software and may not for quite awhile.
In considering this change in usage I'm wondering what factors are different between then and now. One major one is long-distance phone costs. I used to use AIM instead of calling out-of-town friends and family. Then in 2001 or 2002 I got a wireless phone service that includes long distance and no roaming, etc. Since the calls are already paid for I prefer hearing voices than typing conversations.
Regarding IM for library service, if it is being used by our patrons then resources should be devoted to it. Cost-benefits should be periodically analysed. In addition there may be network security implications of running IM chats. Most of the IT security trade journals caution businesses about the risks of IM. Viruses and trojans have been spread through IM.
Our library will soon be installing a web filtering software product, mainly to filter out malicious sites. Most institutions using the software block AIM, Yahoo Chat, Meebo, etc. Some of our IT people want to turn on the blocking of chat services. For non-public service areas it may be appropriate (should the HR staff be IM'ing their friends during work hours?) but we have to be careful not to inhibit the reference desks from providing service.
In considering this change in usage I'm wondering what factors are different between then and now. One major one is long-distance phone costs. I used to use AIM instead of calling out-of-town friends and family. Then in 2001 or 2002 I got a wireless phone service that includes long distance and no roaming, etc. Since the calls are already paid for I prefer hearing voices than typing conversations.
Regarding IM for library service, if it is being used by our patrons then resources should be devoted to it. Cost-benefits should be periodically analysed. In addition there may be network security implications of running IM chats. Most of the IT security trade journals caution businesses about the risks of IM. Viruses and trojans have been spread through IM.
Our library will soon be installing a web filtering software product, mainly to filter out malicious sites. Most institutions using the software block AIM, Yahoo Chat, Meebo, etc. Some of our IT people want to turn on the blocking of chat services. For non-public service areas it may be appropriate (should the HR staff be IM'ing their friends during work hours?) but we have to be careful not to inhibit the reference desks from providing service.
Subscribe to:
Posts (Atom)
