Modern Middle Manager
Primarily my musings on the practical application of technology and management principles at a financial services company.
I'm the Most Hated Man at Work

Friday, August 20, 2004  

Starting on Thursday we implemented web content filtering. I really expected wailing and gnashing of teeth, but instead got mostly muted irritation. I made certain every request went through the Help Desk software we have, captured forevermore in a database. Requests for, among others, did not go without remark. Please cite for me the exact business reason you need access to again? Ah, I see. Sorry, no.

It took a few people a little reminder of why we implemented this in the first place. I see that a Download.Ject variant has been created to take advantage of more IE vulnerabilities. Or, to put it more succinctly, our content filtering is not about shaping people's work habits -- it's about protecting our network.

On a more amusing note, I figured out how to make rules on the ProxySG 400 complicated enough that it would reboot itself every 10 minutes. The real trick is to have a rule that examines the URL and compares it to a whole bunch of regular expressions, AND statements and NOT AND statements using more regex and various SmartFilter categories. That caused it to chew on its brain.

The good news is that most people took it in stride. My initial memo that I sent out about a week ago cited several reasons for the security measures, referring back to the CERT vulnerability list for IE and several recent articles on the Trojan horses popping in.

As the CTO of a regulated entity, I take the security threat very seriously. I do not think we have the option of relying solely on our antivirus scanners and we cannot switch from IE due to the websites we need to visit for our daily operations. This is the best solution for us. For now.

posted by Henry Jenkins | 8/20/2004 08:47:00 PM

Comments: Post a Comment
the author
open source