Security

5 precautions to take for the holiday break

What do you think about when Christmas approaches? Some of us think about how vulnerable our networks might be while we're away on vacation.

In recent years, the holidays have seen drop-offs in the volume of spam and virus traffic on the Internet. The reasons aren't proven, but I suspect it's mostly because a lot of poorly secured home computers that have been infected by malware without their owners' knowledge are turned off while they leave town. As a result, legions of MS Windows systems absorbed into botnets and otherwise turned into platforms for automated security cracking drop off the Internet.

On the other hand, enterprise networks and other high-value targets may be more at risk than usual. Not only do many of them let most of their network administration staff members take vacation time, often letting all the most senior IT employees go incommunicado for a week or two. This leaves a network more vulnerable than usual, and malicious security crackers who target such organizations probably know it.

The following last-minute precautions should probably be on your To Do list for just before leaving the office this holiday:

  1. Make sure your backups -- both on-site and off-site -- are current, and test them to make sure you can actually restore from them. Remember: if it hasn't been tested, it's not a good backup.
  2. Intrusion detection and alerts (sent to someone with the ability and authority to do something about it who will monitor alerts during the holidays) should be automated as much as reasonably possible.
  3. Ensure that disaster recovery procedures are thoroughly documented for whoever will be around during the holiday break.
  4. Go over the automated security measures you have in place to determine whether they can be improved, such as firewall rulesets, VPN authentication procedures, and protection for your integrity auditing snapshots. What time is better for a review and improvement plan than the weeks before (almost) everyone will be gone for a while, and your automated security measures will have to mostly fend for themselves?
  5. Last but not least, treat your employees well. If possible, give everyone some time off (without being on-call) that fits his or her needs -- and if not, give whoever doesn't get the time off some extra compensation to make up for it. It's not just about being a friendly boss; a frustrated employee may not do as good a job of ensuring the security and reliability of your IT resources.


On a personal note, I received a box of swag and a card from the editorial staff at TechRepublic -- including a TR desk flag, a pen, a rubber ball with lights in it that flash when it bounces, and my second TechRepublic coffee mug. Those mugs are some of the best coffee mugs I've ever seen, by the way. Now that I have one each for me and my "Significant Other", I just need one more to hold pens on my desk. Maybe I'll get it next year.

This is my public thanks, and my wishes for a happy holiday, to everyone who signed the card -- and to all my readers. Barring catastrophe on vacation, I'll see you next week.

About

Chad Perrin is an IT consultant, developer, and freelance professional writer. He holds both Microsoft and CompTIA certifications and is a graduate of two IT industry trade schools.

5 comments
apotheon
apotheon

What are you doing for the holiday break? What precautions are you (or is your company) taking for the continued security of IT resources in the absence of IT staff?

Sterling chip Camden
Sterling chip Camden

I got the same swag package -- my son really likes the ball. Unfortunately, my flagpole was bent. I hope that wasn't a sign.

apotheon
apotheon

My flagpole had a "nice" curve in it, too. No way to fit it in the box otherwise, I guess. Is yours curved, or creased? If that latter, maybe you should ask for a refund -- or maybe someone at the TR mailroom just really doesn't like your writing. I just flexed mine to straighten it out a little so it doesn't look too terribly developmentally disabled, but it still kinda has a "sad little Charlie Brown Christmas tree" look to it. I'm okay with that, I suppose.

apotheon
apotheon

I haven't gotten all the bend out of my flagpole either (that doesn't sound right, out of context). The curl of the flag is my biggest problem with it, though -- it isn't really recognizable as a TR flag, the way it curls, and worse yet it curls so that it shows the wrong side of the flag on the outside -- whereas it should be showing the brighter side where the words run left to right, I get the more subdued side where you see the words backwards through the fabric of the flag. Still . . . it's a TR flag, so it's a neat accessory to have on the shelf at the top of the desk, above and to the right of the LCD monitor.

Sterling chip Camden
Sterling chip Camden

I guess ours were packaged identically. I was unable to get all the bend out of mine, and the flag wants to curl as well.