Some options... 1) Training...
I showed a couple of my people here how to send email from the command line (telnet mail 25, ehlo, etc, etc, etc). This showed them how mail viruses forged false email addresses, and why they recieved email from unknown addresses. I didn't tell them to send joke emails to each other, but I made it clear that this can and does happen. Then I kicked back. So they'd get email from stupid names, President Bush, or whoever, and they'd see that these are REALLY easily faked. They'd soon understand what was happening, and it would fade out like it does for us (because WE know what's happening). Then the problem largely disappears. This gets buy-in, because it lets them play a little joke on their co-workers. It educates them as to how easy it is to trick a mail system into doing something mischievious. But for my purpose, it shows them that this is nonsense, and useless. Problem solved. Not by whining and complaining. So the IT guy doesn't look like a dick. Rather through some innocent fun, they learn it for themselves. After you show a few people "here's what the virus did, and here's how you could do it", they'll all teach themselves in their own little cliques. Then the problem will die, both for fooling around, and for useless questions to you. 2) The rewards Program. Next. I'd make a point of acknowledging intelligent users. Ask for $400 in budget for prizes. Buy movie passes, Restaurant Gift Certificates, whatever. and hand out a monthly prize to the user of the month -- the person who does something really smart that month. Some months, there may not be a winner. Some months, there may be 2. But if someone does something outstanding, acknowledge it. Publically. Include a letter for HR to put into their file for review time. Keep in mind that you WANT the good users, so you want them to be happy. If your letter means the difference between a 3% and a 4% raise, that's a great thing for them, and it's a great thing for you. 3) Cost. Track the number of these calls that you get. Then include 5 mins for the user, 5 mins for you to call and get an answering machine, and 10 mins for you to type up a response to their concern. Multiply that by a guessed (but reasonable) average wage for your company. ($35/hr (It'll be higher than you think once benefits, vacation and bonuses are all included)). Show that each call will cost .33*$35=$11.55 Then multiply that by the number of calls per month. Lets say 10 calls = $115.50/month. 12 months per year means $1386.00/year is wasted answering these calls. That's 1 week per year of time. Perhaps it's higher, perhaps it's lower. But it's also worth noting that this is time wasted when you are most needed to patch/update or otherwise prevent this from becoming a major problem. Kev. On March 30, 2004 10:11 am, J. Rafael S�nchez wrote: > Hi All, > > As a system admin, users are constantly inundating me with virus hoaxes, > virus alerts, and so on that they get. Even though, I've informed, > posted commons sense tips how to deal with viruses and so on and so > forth. I also have spammassassin in place which is working very nicely > so far. > > Nevertheless, they don't read, or follow common practices that are in > place for them to deal with the majority of these mail/internet related > issues. It's is my job to make sure that systems are secured and > virus/spam free. That is my job and I'm happy to do it. > > However, when you get these little things over and over from users, from > every level of the corporate latter, expecting that I go chasing around > every little critter whether fake or real, it becomes a time-wasting > activity. Some of them I can ignore, which I do. But some of them I > can't, specially if comes from the president. > > I'd like to ask you, how do you deal with such situation. Of course > assuming that tools and measures are in place already. How do you deal > with this from the "people" point of view. > > I did some googling but did not find anything useful so far, will > continue searching... Any thoughts are welcome. > > Thank you. > Rafael. > > ---------------------------------- > HERE'S ONE EXAMPLE... > -------------------------------- > Raf, just received this....cliff > > ------ Forwarded Message > From: [EMAIL PROTECTED] > Date: Tue, 30 Mar 2004 10:04:42 +0200 > To: [EMAIL PROTECTED] > Subject: Virus Alert > > VOUS AVEZ ENVOYE UN MESSAGE A l'ADRESSE <[EMAIL PROTECTED]> CONTENANT > LE > VIRUS WORM_NETSKY.C DANS LE FICHIER note.zip. L'ACTION deleted A ETE > EFFECTUEE. LE DESTINATAIRE A ETE PREVENU. VEUILLEZ VERIFIER VOS MESSAGES > AVANT DE PROCEDER A TOUT NOUVEL ENVOI. *** YOU HAVE SENT A MESSAGE TO > <[EMAIL PROTECTED]> WITH THE VIRUS WORM_NETSKY.C IN THE FILE > note.zip. > THE ACTION deleted HAS BEEN DONE. THE RECIPIENT HAS BEEN WARNED. PLEASE > VERIFY YOUR MESSAGES BEFORE NEW SENDINGS. > > ---------------------------------- > AND ANOTHER... > ---------------------------------- > Raf, I'll check on whether I sent such a message--definitely not in the > last > few days...cliff _______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
