Security Policy Question
Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Security Policy Question

  1. #1
    Member
    Join Date
    Sep 2003
    Posts
    42

    Security Policy Question

    I would like to get your opinions on the benefits and risks of having users log out of their machines at night instead of leaving turning them off. I presented the idea of leaving machines on to management and they immediately expressed their concern for worms spreading off hours and increased electric usage.

    I see the benefits of leaving machines on as being able to run virus scans, patch machines, and do other security related maintenance. Management did have good points with their concerns, but I almost feel like hiding under a rock is not the way to handle security. Overall I think the benefits would outweigh the risks. Before you add you opinions I want to share some of the details of my unique situation at this company. Security is done from the bottom up and Im the only security person for a company of a 1000 people. This actually adds the biggest risk, if something did happen off hours Im only one person and I can be everywhere and fix everything.

  2. #2
    Senior Member kr5kernel's Avatar
    Join Date
    Mar 2004
    Posts
    347
    This is a good question. I have worked at a larger academic job where we were constantly hit in the middle of the night. Being academia seems to invite even more junk on the network and from international portscans, virus and what not. The question I have is this though, are you noticing an increase in worm activity and security auditing during the night alone? In the academic world we were getting pounded all the time, and with being a research institute people were in all the time so it was hard to convince people to turn off, rather than log off. But in the same sense do you do like what a starbucks would do with Wifi, if you don't want people war driving you after hours, then why not unplug the wap....thats a tough call.
    kr5kernel
    (kr5kernel at hotmail dot com)
    Linux: Making Penguins Cool Since 1994.

  3. #3
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130
    instead of just leave all pcs expending energy for nothing, why you just implement, when you need to deploy something (patchs, a scan, new software), an automatic power on. You know that most of the new pcs can be powered on remotelly. You turn on the computers during night, do your "safe actions" and turn off all after. Best of the both worlds
    Meu stio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  4. #4
    We just have our users log off, and I often just lock the computer instead of looging off myself to keep certain programs running overnight. The biggest importance to me is, like you said, automated virus scans over the night, among various other scheduled tasks. Our data backups are far too massive to run during business hours, as it would consume too many resources, so we have to run that after-hours as well.

    Virus scans, data backups, and other off-hours scheduled tasks make logging off instead of shutting down necessary for many. so I have to stand by that option.

  5. #5
    Senior Member kr5kernel's Avatar
    Join Date
    Mar 2004
    Posts
    347
    This is very true, what about having an auto-shutdown after backups and av are run? If everything finishes up bye 1am or 2, and no one comes back until 7 or 8, a few hours could save on electricity. That is is you can get everything backed up by then. ;-)
    kr5kernel
    (kr5kernel at hotmail dot com)
    Linux: Making Penguins Cool Since 1994.

  6. #6
    True, but additionally, our terminal and data servers are available to access 24/7, and there is late night access from home from time to time, so that is a concern as well.

  7. #7
    Member
    Join Date
    Sep 2003
    Posts
    42
    kr5kernel, we do see more ports scans at night, but they appear on the firewall logs. Our ALCs are pretty tight, not perfect though. We get the most scan over the weekend. No structured attacks to speak of. So, right now the internal network looks pretty good.

    Like AngelicKnight was saying it saves time doing things at night. Right now I scan for viruses once a week while most people are at lunch. Even with low processor utilization on the scanner people still complain. Besides annoying people the virus scanner catches malicous programs and spyware, but can't remove them because the user is holding on to the process. At night the users would be logged out and the virus scanner would have a better chance at deleting the 'bad stuff.'

    But instead management will continue with what we are doing now... Having people manually go to the infected machines and spend time during working hours to clean some spyware off it. Now this is a waste of money!

    I just don't see security at the company improving by hiding from the 'what ifs.'

  8. #8
    Senior Member kr5kernel's Avatar
    Join Date
    Mar 2004
    Posts
    347
    what bummer, the more technology you offer, the more you have to be 100% redundant, and the more electricity you use while opening yourself 24/7 to a vulnerability playground. Where I work now, workstations are turned off and everything is backed up at night. AV is run during meetings on fridays. I still devote many a sunday hours when we are closed to coming in an doing updates / upgrades to machines. Its a double edged sword I guess.
    kr5kernel
    (kr5kernel at hotmail dot com)
    Linux: Making Penguins Cool Since 1994.

  9. #9
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    Take a look at this thread..

    http://www.antionline.com/showthread...hreadid=251235

    The program at the end of the thread is Wake on Lan Program that runs into a command prompt! That I do at my job is I have a scheduled task on a server to run the program that wakes all PC at 3:30am every Tuesday Morning. At 4:00am, the Automatic Update from my SUS Server run and at 4:30am, an AV scan run.

    That quick and simple. You wont get a lot of attack at 4:am, you wont waste electricity and everyone will be happy!
    -Simon \"SDK\"

  10. #10
    Member
    Join Date
    Sep 2003
    Posts
    42
    Nice, thank you. I just downloaded it. I'll give it a try and let you know how it goes.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •