Guest post: Chad Perrin is an IT consultant and developer. He can be found on TechRepublic's Security blog.
What do you think about when Christmas approaches? Some of us think about how vulnerable our networks might be while we're away on vacation.
In recent years, the holidays have seen drop-offs in the volume of spam and virus traffic on the Internet. The reasons aren't proven, but I suspect it's mostly because a lot of poorly secured home computers that have been infected by malware without their owners' knowledge are turned off while their owners leave town. As a result, legions of MS Windows systems that were absorbed into botnets and otherwise turned into platforms for automated security cracking drop off the Internet.
On the other hand, enterprise networks and other high-value targets may be more at risk than usual. Not only do many of them let most of their network administration staff members take vacation time, but they often let all the most senior IT employees go incommunicado for a week or two. This leaves a network more vulnerable than usual, and malicious security crackers who target such organizations probably know it.
The following last-minute precautions should probably be on your To-Do list for just before leaving the office this holiday:
- Make sure your backups -- both on-site and off-site -- are current and test them to make sure you can actually restore from them. Remember: if it hasn't been tested, it's not a good backup.
- Automate intrusion detection and alerting as much as reasonably possible, and send the alerts to someone who will monitor them during the holidays and who has the ability and authority to do something about them.
- Ensure that the disaster recovery procedures are thoroughly documented for whoever will be around during the holiday break.
- Go over the automated security measures you have in place to determine whether they can be improved, such as firewall rulesets, VPN authentication procedures, and protection for your integrity auditing snapshots. What time is better for a review and improvement plan than the weeks before (almost) everyone will be gone for a while, and your automated security measures will have to mostly fend for themselves?
- Last but not least, treat your employees well. If possible, give everyone some time off (without being on-call) that fits his or her needs -- and if not, give whoever doesn't get the time off some extra compensation to make up for it. It's not just about being a friendly boss; a frustrated employee may not do as good a job of ensuring the security and reliability of your IT resources.