Network Computing is part of the Informa Tech Division of Informa PLC

Reality IT: The Key to Security: Prevention

I made sure that Bucky followed our computer incident response plan, most of which he wrote. As part of the plan, I advise our CIO, Steve Fox, who in turn is responsible for informing senior business leadership at ACME. Steve wanted to keep the problem quiet--it seldom helps your business to announce security troubles--but in situations like this, informing key business leadership is critical. That's why Bucky reports to both IT and our auditing department: We want to be sure the right hand always knows what the left is doing.

Steve informed the appropriate corporate contacts. Next, we told our employees which services were down, though we didn't go into details about why. At that point, Bucky, Dirk and I sat down to figure out what went wrong.

Fool Me Once

Getting to the root cause was a painful process that demanded complex computer forensics on the compromised box. We sent the server drive out to be analyzed by a security specialist company, which gave us back some good information as to why we were hacked. On the positive side, the consultancy confirmed that no corporate data had been stolen, and we determined that no other systems were affected.

We had budgeted this year to implement host-based and network-based intrusion detection systems, especially for all our Web-facing systems. But Murphy's law kicked in--we hadn't started that project yet either.
