Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Implementing Instant Policy Changes

Slipping Through the Cracks

The Bagle payload came within a password-protected archive-file attachment, which let it bypass our first level of defense--an e-mail gateway scanning/blocking appliance. And this worm had not yet been addressed by our desktop antivirus application vendor. Therefore, we needed to create our own solution.

Jon and Dirk were adamant that ACME should immediately implement a measure that would block password-protected archive files but let other archive files through. This meant we'd be blocking many valid, business-related archive attachments along with the infected ones. The valid files would be held in quarantine. Users would be notified that the files had been blocked and could be released through a call to the helpdesk.

The catch: This policy change could affect end-user productivity and, ultimately, business operations.

I took a quick look at our employee handbook to be sure we'd reserved the right to block potentially harmful attachments--thank goodness, we hadn't been specific about attachment type. Still, I knew it would take time to get approval from upper management for the policy change we needed to make. I was fortunate to have the backing of our CIO, Steve Fox, who has made my job harder in other situations but, in an emergency, lets me shoot first and ask questions later. I wanted to empower my staff in much the same way. So I gave the go-ahead for the blocking change.

  • 1