![](https://seccdn.libravatar.org/avatar/989697287067e616c1c030c19896a582.jpg?s=120&d=mm&r=g)
On Fri, 2006-06-16 at 14:51 -0700, kai wrote:
I'd highly suggest bolting it down to the desk. That usually works fine. At least you won't get in the news like the US Department of Defense.
I 100% agree! Physical, physical, physical! It takes no less than a dozen meetings, arguments and, sometimes, even threats, but anytime someone talks about not having separate, physical networks, wants portable computers or "remote administration" I take the keyboard to them. - You will put that financial back-end on a dedicated, non-Internet connected network. - You will not put any classified information on the non-classified network - You will go into a secured room with sign-in/out to administer it and I will _not_ allow you to remotely administer from a non-secured area I have spent my career working on US DoD classified programs and in major, major US financial institutions that handle a significant number of our nation's transactions. Management will argue cost, support issues, etc... and you have to tell them they are wrong, wrong, wrong repeatedly. And I am not afraid to say it to their face -- "You might get a bonus now for saving money, but someone else will be cleaning up the mess a few years from now after you've been promoted." Now I can't talk about their stupidity, collectively or otherwise, because of various agreements I have signed. ;-> But more publicly, Ohio's First Energy is a perfect example of a chronic screw-up. Their IT -- despite complaints of plant engineers -- allowed their control systems networks to be tied into their general networks for "support purposes." So when a worm came through it overloaded First Energy's control systems and they couldn't provide necessary standby power to the grid. It significantly contributed to the NE US / southern Canadian black-out a few years ago. And what's worse is that the same issue took down a First Energy's nuclear power plant control system just 6 months earlier (luckily it wasn't producing power, but was in test). Physical, physical, physical security. -- Bryan J. Smith Professional, technical annoyance mailto:b.j.smith@ieee.org http://thebs413.blogspot.com ---------------------------------------------------------- The existence of Linux has far more to do with the breakup of AT&T's monopoly than anything Microsoft has ever done. -- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com