|
|
Don't Drag Race on Main Street
by Kent Strickland
Many think of the network as a personal utility– like electricity. It’s just a wire, plug it in and stuff works. “What I do
on my computer across a network is my private business.” It would be nice if it were that simple.
The well-known term “information highway” is more accurate than “information utility” because the network is a shared public
transport, with systems and local networks forming separately governed segments similar to cities. Perhaps a home computer
can be thought of as a personal residence, and a University computer as a business establishment, but when you connect to
the network you are “pulling out of your driveway onto a public thoroughfare.” In such an environment, One does not drag race on Main Street.
When one person’s sense of freedom endangers others, the use of time, place and manner restrictions can help settle the conflict.
Instead of banning drag racing, build a racetrack. This is the difference between reckless and responsible civic behavior.
What is reckless about using a computer on the network? Recreational downloading and use of free software, careless maintenance
of anti-virus software, or non-University-related file sharing or Web surfing exposes systems to significant risk of compromise
by a Trojan program or rootkit. This could easily provide an attacker with a remote foothold inside our network, potentially
leading to serious information exposures or identity theft.
When Information Technology Services deploys software applications, it first tests them in a manner that does not impact production
systems, sometimes using completely separate computers and networks. When the applications have been adequately designed,
configured and tested within customer parameters, they are carefully migrated into production with appropriate notification
and support to minimize disruption.
Likewise, faculty, staff and students must now develop a greater sense of community responsibility regarding use of the mission-critical
BGSU production network. There is an enormous amount of sensitive information traversing the systems and network–there is
too much at stake. It is important to understand how one’s personal actions or inaction can disrupt or harm others in the
form of hacked computers, extreme bandwidth utilization or identity theft.
Like racetracks, use systems detached from the public network for cutting edge, experimental, resource-demanding or risky
software. Understand fully what it does, how it works and whether it negatively impacts others before deploying it on a production
network. Then, everyone wins.
Kent Strickland
ITS Information Security Officer
Many think of the network as a personal utility– like electricity. It’s just a wire, plug it in and stuff works. “What I do
on my computer across a network is my private business.” It would be nice if it were that simple.
The well-known term “information highway” is more accurate than “information utility” because the network is a shared public
transport, with systems and local networks forming separately governed segments similar to cities. Perhaps a home computer
can be thought of as a personal residence, and a University computer as a business establishment, but when you connect to
the network you are “pulling out of your driveway onto a public thoroughfare.” In such an environment, One does not drag race on Main Street.
When one person’s sense of freedom endangers others, the use of time, place and manner restrictions can help settle the conflict.
Instead of banning drag racing, build a racetrack. This is the difference between reckless and responsible civic behavior.
What is reckless about using a computer on the network? Recreational downloading and use of free software, careless maintenance
of anti-virus software, or non-University-related file sharing or Web surfing exposes systems to significant risk of compromise
by a Trojan program or rootkit. This could easily provide an attacker with a remote foothold inside our network, potentially
leading to serious information exposures or identity theft.
When Information Technology Services deploys software applications, it first tests them in a manner that does not impact production
systems, sometimes using completely separate computers and networks. When the applications have been adequately designed,
configured and tested within customer parameters, they are carefully migrated into production with appropriate notification
and support to minimize disruption.
Likewise, faculty, staff and students must now develop a greater sense of community responsibility regarding use of the mission-critical
BGSU production network. There is an enormous amount of sensitive information traversing the systems and network–there is
too much at stake. It is important to understand how one’s personal actions or inaction can disrupt or harm others in the
form of hacked computers, extreme bandwidth utilization or identity theft.
Like racetracks, use systems detached from the public network for cutting edge, experimental, resource-demanding or risky
software. Understand fully what it does, how it works and whether it negatively impacts others before deploying it on a production
network. Then, everyone wins.
|
|
