RE: Please help me "sell" the idea of a more secure network



If you lower your ethics a bit, have a friend come in unannounced to the
company for a demonstration (that won't do much because you have backups).
Either that or request to do it live for a supervisor so he can see what
could be done if people wanted to.

"JM" wrote:

My company does mostly telecom interconnect work, and some data. Typically,
we bring in a networking person from a partner company to do the actual
technical stuff. However, it's often our job to educate the customer on why
certain things are needed. And I need some help on a current situation.

The client has Windows 2003 Server Standard Edition, with about 15-18 XP Pro
computers. They have AD set up, with their core company software running on
the server. Most of the clients are joined to the domain, but several
employee laptops simply operate in a workgroup sharing internet and POP3
email, with their email being hosted by a local network services/website
design company.

Some users log on using a unique username, but ALL users use the same
password. In fact, this "master" password can be found almost anywhere and
on anything that requires a password, including their individual email
accounts, websites, and who knows what else. Other domain users log in
with generic logins like "CompanyNameUser," again using the universal
password.

To make matters worse - at least in my non-expert view - is the wireless
router they leave on 24/7, completely open, for anyone and everyone to use.
They have literally hundreds of customers coming and going daily, and the
wireless internet access is a courtesy they offer.

Finally, they have no comprehensive, system-wide security solutions,
whatsoever. Their anti-virus "protection," for example, consists of various
products, releases, life cycles, etc, all on the individual clients. Some
have Norton, others McAfee, AVG Free (yeah, I know), with some being
in-date, out-of-date, and some with nothing at all. There are various free
malware killers, pop-up blockers, and the like, installed by whomever,
whenever, because they have no group policies or other domain security
policies in place enforcing who can and cannot install software.

I know this is a huge issue, and I'm not asking for anyone to spend a lot of
time on it, but I need some concise ideas for these people. The problem is
that up to this point nothing devastating has happened, so they are totally
blissful in their ignorance. If I sell too hard, given their current good
luck, they will think I'm doing Chicken Little or trying to make a buck.

The fact is, I'm really concerned about my clients, and I know their current
situation is going to get them in trouble. I'm just not sure how to
approach it.

thank you,

jm







