AuthorSharky

Throwback Thursday: Get the picture?

IT director pilot fish at a daily newspaper is reworking the company's entire network. Why? "There is no security," sighs fish. "None, with about 90 users in a peer-to-peer Mac and PC environment."

One night he gets a call from an editor: One of the applications isn't working. It's the one that lets a reporter find a photo on a wire service's website and save it to a folder. The app then moves the folder to a holding folder on another machine, where yet another machine can grab it and put it into the newspaper's production process.

It takes a couple hours of troubleshooting, but fish tracks down the problem. That holding folder? The one that's actually named "Do not touch, do not delete"?

To read this article in full, please click here

Well, it’s secure, all right…

This small IT consulting outfit gets a contract with a very, very big company -- which is a very big deal, says a pilot fish at the consultancy.

"On a daily basis, a large text data file needs to get loaded into a very fast database, and that information is used to deal or not deal with certain customers," fish explains. "And this all has to happen in real time."

The big client is very security conscious, and it won't let the consultancy download the data from the client's site. Instead, a third-party site is used, and access is through a secure connection with a totally inscrutable password.

And on the first day, everything works fine. The big client puts the data on the site and fish's company downloads the data, then keeps checking back periodically to see if anything has been added or changed.

To read this article in full, please click here

And thanks so much for your input, boss!

It's 1999, and in this IT department the big crisis isn't Y2k, says a pilot fish there -- it's the Melissa virus.

"We were infected, and we were all called into the Emergency Operations Center to devise a strategy to determine the extent of infection and how to mitigate the effects," fish says.

"The server admins were coming up with methods to clean up any servers that were affected. The desktop group was trying to figure out how many desktops were infected. We in the network group were trying to come up with a way to block traffic from the virus, both inbound and outbound, at the firewalls.

"Everything was moving as well as could be expected, but we had to give an update to senior leadership on progress.

To read this article in full, please click here

Throwback Thursday: How to improve security

There's a new security policy at this biotech company, reports a pilot fish in the know: When logging in on a PC, the username field will now be blank, and everyone will have to input the name together with the password.

"The policy is announced weeks in advance," fish says. "In spite of this, the first day is painful. A flurry of calls comes into the IT help desk regarding people not being able to log in. One is from a junior member of the payroll department who is about to leave on a two-week vacation -- in fact, her flight is later that afternoon."

"A tech tries to help her over the phone, but apparently she couldn't tell the difference between the username box and password box, in spite of them actually being labeled as such."

To read this article in full, please click here

Why we love lawyers (well, OUR lawyers, anyway)

This IT pilot fish has spent the past year and a half helping his company's clients prepare for the European Union's upcoming General Data Protection Regulation, and with a month to go, it's been smooth sailing -- mostly.

"Over the last 18 months I've been asking my customers time and again about their readiness to implement the GDPR rules," says fish. "We have mostly small companies as our customers, family businesses and one-to-ten-person outfits, and most of them had need of our services one way or another.

"But one customer, a lawyer, told me every time that this particular set of rules does not apply to him, because everything he does is governed by an obligation to confidentiality. Ten weeks before the final date, he still thought it had nothing to do with him."

To read this article in full, please click here

Well, DID she ever change her password?

Flashback to the days when this pilot fish is managing an email system for several corporate clients, and he needs to pick good passwords from the get-go -- because these users will never bother changing them.

"I wrote a program to generate accounts and to create a password," says fish. "The system consisted of a dictionary of about 100 three-letter words, and a separate dictionary of four-letter words where I had tried to remove the bad words. Then there was a list of special symbols, and then the digits 0 through 9.

"The system chose one element from each list, and put them in a random order. It then printed the information out. I folded the piece of paper and placed it in an envelope and mailed it -- never actually looking at it.

To read this article in full, please click here