> Date: Tue, 19 Jan 1999 10:50:32 -0500
> From: "Knapp, Ken (SD-EX)" <[EMAIL PROTECTED]>
> Subject: RE: Content filtering
>
> Sorry. I can't agree.
>
> I used to work for a government law enforcement agency and we enforced what
> you just stated. Don't steal. That's the example you just wrote and its not
> "inconsistent" with the law. To put in place a security policy that enforces
> this is consistent with corporate and public law, and that is to "not take"
> something that doesn't belong to you.
>
> I believe what Todd said, and please correct me if I'm mis-stating this, is
> a policy that is "inconsistently more strict.."
Yabut I know Todd, and I doubt he was talking legalistically, like you.
He talked about "annoying people". Let's call that "systems analysis". ;-)
> I'm all for monitoring...
Yet you sound embarrassed by it. "If you invade privacy..."
Bennett referred to "censor".
Gosh, ain't there a way to monitor firewall traffic
without running into hurt feelings simply because
port SMTP is being checked?
Sure: notify all employees that Internet email traffic,
along with anything else passing through the firewall
is being monitored. And, of course, state it clearly
in the employment contract.
When I went in to do email traffic analysis at one site,
I had to sign a standard (for them) page saying I allowed
them to monitor my phone conversations.
Did I have hurt feelings that the company wanted to monitor
its own equipment?
No, especially since I was notified.
People might still have hurt feelings, but at least
they've been notified.
----
> I'm all for monitoring, I do with our firewall and have with others.
> But it's not something I sit there and do all day long.
At some point, that needs to happen, if you're going to have
content security. I'd say over 50 Mb of email in/out of the
firewall on a daily basis qualifies. I have a GUI'd security
tool for doing exactly that.
These are the basic categories of email security incidents:
o employees just trying to get work done
o employees working on their own jobs while within the firm
o "Dumb & Dumber"
o employees within their last two weeks of work (got a new job)
o idiots (misc)
When I first turned on my (homegrown) email monitoring software
at a brokerage firm with 7,000 employees, it picked up 38,000 lines
of proprietary source code within the first three days.
After five months, it was over 400,000 lines of proprietary source code.
And that was just source code. (nor were any keywords used to spot source)
People will rob and expose your proprietary operating information
left and right, as if they had the gawd-given right to do so.
And we kept telling employees it was monitored.
Anyone not monitoring many megabytes of firewall traffic
is not performing much of a security role, beyond keeping
the barbarians coming in the gateway.
---guy
Just lipservice.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
