Here You Have

The news reports that the "here you have" virus brought down servers at both NASA and Comcast should have IT managers looking at why employees have open access to web mail in their workplace web browser.

The aule-browser page on restricted email access begins at a logiquewerks.com page because open access to web mail is often also an open exit for confidential corporate content.

Given that Comcast's own customers run a variety of web browsers, there is no good reason for Comcast to use anything other than their own custom employees-only browser in-house.

Employees tasked with validating customer issues with generic web browsers on the open internet never need to perform those tasks while on the corporate intranet or to run on hardware or an OS which accepts user USB memory sticks as valid storage devices.  The helpdesk practice of using one PC for both internal tasks and external web validation involves a failure to invest in security.  In the early days of PC computing this was not the case in large corporations where 3270 terminals were still in use.  Having participated in the introduction of 3270 emulation with early departmental networking, I remember this situation very clearly.

Today an astute employee running Firefox or Opera as their corporate browser can use "user scripts" very effectively to mask his or her activity from the sight of any cubicle visitor so a casual management approach of "keeping an eye" on your staff will not suffice.

The shibboleth of "web-enabled" should never have meant the expensive choice of allowing free entry across "free" web browsers and "free" web mail.  That cost has been far too high for too long.