Reality IT: When a Security Project Hurts Network Performance, Pull the Plug!

Posted by Hunter Metatek
December 02, 2005

A 'Friendly' Rivalry

A few months ago, our network team found itself struggling to support yet another in a seemingly endless stream of IT security projects. This one was to implement token-based authentication, which was supposed to shore up ACME's access control. Our IT security manager, Bucky Rogers, was once again straining his relationship with our network manager, Dirk Packett. Yes, they both work for me, but that doesn't mean I can force them to get along (although I have considered bringing in Rock 'Em Sock 'Em Robots to let them work out their problems). Of course, conflicts between network people and security people aren't unusual, but Bucky doesn't help when he uses his "sky is falling" approach to ramrod project approvals from our internal auditing department, with whom he works closely.

None of the network folks were thrilled with the idea of token-based authentication. The technology required deployment of a hardware-based system that would force the end user to log on with a special keyfob device that provides a code to augment the usual user name and password. It seemed like overkill to some--we had a secure authentication system with hardened passwords, aging and the whole nine yards--but the project was about halfway down Bucky's list of priorities, and we had reached that point in our IT security improvement plan. So, the project went forward.

Going Live

Bucky's team researched options and worked with Dirk's crew on the project planning. They ordered the equipment and installed the authentication server software on several servers for redundancy. We tested the technology over a period of several weeks, and then one evening we cut over to the new system with no ill effects--that night.

Related Reading

More Insights