I used to let the users know (in a friendly way) that their input was not welcome. Coupled with a small amount of verbally communicated education (e-mail never works -- that's the system which is creating the hysteria. Face-to-face seemed to be the only way to remedy that), the process acted pretty much like a decent spam filter: you can't stop it from happening, but you can filter what comes through to you.
Basically, these "alerts" amount to little more than sensationalist news articles/urban legends, etc., and users will continue to propogate them despite your best technical efforts because it is a human problem. So I just put an unwritten "while interfacing with IT" policy in place: don't even bother. Of course, they'll still talk about them over lunch, or what have you, and the odd one will sneak through (just like spam), but with the right amount of polite "screw off" factor, people by and large just stop. Even the CEO. Backed by process and policy (of protecting computers through a technical system and user education), there's little you can't ward off. If the CEO tells you it's your new special project to hunt the latest hoax and make sure you're covered, you can remind him: "we are covered; by our antivirus system which automatically updates, and by receiving relevant alerts from credible technical sources direct to my inbox before you ever hear about them". If you don't have an organizational policy like that to stand behind (i.e. where IT is actually in charge of technology concerns) then you have a whole other problem. I've been there, too, but we won't go there. :-D My thoughts, Curtis On Tue March 30 2004 10:11, J. Rafael S�nchez wrote: > Hi All, > > As a system admin, users are constantly inundating me with virus hoaxes, > virus alerts, and so on that they get. Even though, I've informed, > posted commons sense tips how to deal with viruses and so on and so > forth. I also have spammassassin in place which is working very nicely > so far. > > Nevertheless, they don't read, or follow common practices that are in > place for them to deal with the majority of these mail/internet related > issues. It's is my job to make sure that systems are secured and > virus/spam free. That is my job and I'm happy to do it. > > However, when you get these little things over and over from users, from > every level of the corporate latter, expecting that I go chasing around > every little critter whether fake or real, it becomes a time-wasting > activity. Some of them I can ignore, which I do. But some of them I > can't, specially if comes from the president. > > I'd like to ask you, how do you deal with such situation. Of course > assuming that tools and measures are in place already. How do you deal > with this from the "people" point of view. > > I did some googling but did not find anything useful so far, will > continue searching... Any thoughts are welcome. > > Thank you. > Rafael. > > ---------------------------------- > HERE'S ONE EXAMPLE... > -------------------------------- > Raf, just received this....cliff > > ------ Forwarded Message > From: [EMAIL PROTECTED] > Date: Tue, 30 Mar 2004 10:04:42 +0200 > To: [EMAIL PROTECTED] > Subject: Virus Alert > > VOUS AVEZ ENVOYE UN MESSAGE A l'ADRESSE <[EMAIL PROTECTED]> CONTENANT > LE > VIRUS WORM_NETSKY.C DANS LE FICHIER note.zip. L'ACTION deleted A ETE > EFFECTUEE. LE DESTINATAIRE A ETE PREVENU. VEUILLEZ VERIFIER VOS MESSAGES > AVANT DE PROCEDER A TOUT NOUVEL ENVOI. *** YOU HAVE SENT A MESSAGE TO > <[EMAIL PROTECTED]> WITH THE VIRUS WORM_NETSKY.C IN THE FILE > note.zip. > THE ACTION deleted HAS BEEN DONE. THE RECIPIENT HAS BEEN WARNED. PLEASE > VERIFY YOUR MESSAGES BEFORE NEW SENDINGS. > > ---------------------------------- > AND ANOTHER... > ---------------------------------- > Raf, I'll check on whether I sent such a message--definitely not in the > last > few days...cliff _______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
