Stories by Vince Tuesday

SSL broadens VPN access

FRAMINGHAM (11/10/2003) - The most important document a security professional can write isn't a policy document; it's his résumé.

New job brings back old problems

FRAMINGHAM (10/10/2003) - At 10 a.m., the boss called the entire IT security team into a meeting room, but without the line manager. He said that the line manager had been sacked.

Layered defense falls to worm attack

FRAMINGHAM (09/25/2003) - We were pushing for a speedy move to the supposedly more secure Windows Server 2003 -- until we ran into the vulnerability in remote procedure call (RPC) services that use the Distributed Component Object Model. Every version of Windows, including Server 2003, is vulnerable to this latest buffer-overflow flaw. So we're rethinking our plans.

The strange case of the phantom intruder

About a year ago, our company detected unauthorized access to an internal system. The attack could have been carried out only by an insider or by an external attacker who had working internal credentials.

The case of the worm attack that wasn't

I was happily dreaming about a well-secured network when the beeping of my cellphone woke me. It was the office. I'd been away from work for a few days and was making an effort not to read my email or check on the security team. The call gave me an excuse to find out what had been going on.

How not to get a job

I've always been lucky when it comes to staffing. I employ people I'm very happy with, and despite high turnover within the industry, I've always managed to retain key people. There are many reasons for this, but hopefully, one of them is because I treat them well and let them develop professionally.