How to prevent a content filter from becoming a career shortening network element • The Register


Who me ? “Be careful what you wish for.” Words that could strike a chord with the IT manager in today’s edition of Who, Me?

“Lee”, because that’s not his name, told us about his time as an IT consultant in the Far East, working for a family bank. The bank was extremely suspicious of this new internet technology and allowed a few privileged staff members online, but not much else.

“We were hired by the IT manager and tasked with reviewing their position on information security,” said Lee, “and it quickly became clear that they needed something better than their parent. -fire, to include content monitoring and logging, as well as normal housekeeping procedures. firewalls and other protections. “

It was simple stuff. A system has been specified and a rule base prepared. The bank’s IT team was dispatched to procure the necessary items and Lee prepared for the formal review of the setup.

“A few weeks later, we came back early one morning to take our certification exam,” said Lee, “and we were greeted by a visibly nervous IT manager.”


The team worked through the checklist anyway, until they looked at the new firewall and the content scanner. No problem! The IT manager showed them the shiny new server with the lights on. “Here it is!” he proclaimed.

Uh, okay. However, Lee really needed to look at the setup and logs as part of the review.

No dice. “It wouldn’t be … convenient,” replied the IT manager. A translation for those unfamiliar with the customs of the area would be a flat “NO” (just without the offense that might have been caused).

What to do? Lunch, of course!

The IT chief took Lee and co for a splendid snap lunch where plenty of adult drinks were consumed. And, lubricated by the hour of alcohol, the IT manager explained what was really going on.

“The bank’s CFO, who was part of the owner family, had a predilection for visiting live online strip sites,” recalls Lee, who had remained relatively sober, “and had done so frequently since his birth. office using the bank’s systems.

No one challenged him on that because his response was to just fire the messenger and hire someone who knew how to be quiet.

However, if the content scanner was enabled, the IT department would have strong evidence and have to face it. And then all would immediately lose their jobs.

Of course, the content analyzer seemed to work. The lights were on. But no one had plugged it into the network because it would lead to a dramatic shortening of careers for everyone involved.

What to do?

One of Lee’s colleagues came up with a solution that everyone was happy with. A new high-quality encrypted laptop with a private internet connection separate from the bank’s network has been purchased for the CFO.

The man’s ego suffered some inflation with the explanation: as one of the biggest cheeses, the information he was dealing with was obviously Great sensitive and therefore could not approach the network used by his underlings. Of course, he needed something special, as befitting his high position.

With the CFO now thankfully, uh, “browsing” on his own connection, the content scanner could then be properly launched “and everyone was able to go back to business as usual with their work intact.”

Have you ever found yourself dodging the boss’s blushes when something happened that was really impractical? Confess it all with an email to Who, Me? ®

Source link


Leave A Reply