Category Archives: terror

– Tech Terror List 2010

Tech Terror 2010

Tech Terror 2010

We are at the end of this quite frightening year of the Great Recession 2010, and at the eve of another frightening Halloween filled with tiny goblins ringing the front door shouting “trick or treat”.  But what are the “real world” goblins knocking at the door, and facing the chief information officer who opens it?

It is time for me to update my 2008 list of nightmares which frighten a CIO. 

Tablet computers (and smartphones). Tablets were on my 2008 list, but are on my 2010 list for an entirely different reason. They’re everywhere. They’re invading! They’re unmanageable.  And every employee wants to use their own. CIOs have long practiced the mantra of standards standards standards.

You need a computer? Yup, we give you a standard HP model with Windows XP, Office 2007 and Anti-Virus loaded on it. You need a smart phone to do your job? Yup, here’s your BlackBerry connected to Outlook and locked down from installing any dangerous applications which present a security threat.

The CIO as Grinch

Grinch CIO?

All of a sudden it’s “HELLO Mr. CIO” – the iPhone explodes on the scene, then it’s the iPad, and soon it will be the Windows Phone 7 and Android phones and the RIM Playbook and the Samsung Galaxy. And employees LIKE them and wonder why Mr. CIO is the Grinch and won’t connect them to e-mail and the network.

But of course the Outlook sync doesn’t work exactly right on the iPhone and appointments get dropped. Oh, and someone loses their Android smart phone with all the home and cell numbers of half the police command staff but gee we can’t remotely wipe its contents because installing the remote wipe software is the bureaucratic Sign of the CIO Grinch. Oh, and all of a sudden a public disclosure (FOIA) request comes in and the employee needs to cough up all the documents and messages on their personal iPad, even though some of them are quite personal or even relate to the employee’s personal business or political activity. And oh, gee, by the way, the employee “forgot” to back up all those docs on that personal device, violating not just the public disclosure act but the records retention act as well.

In the meantime, the budget of the IT department has been cut 13.3%, and I’ve laid off 5% of my workforce, but still we’re the Grinch because we can’t support this exotic stew of personal devices.  Arggh!

(I’m convinced we’ll eventually support personal smart phones and tablets, but we need better tools and more staff. For 2010, they remain on my Tech Terror Watch List.)

Cyberterrorists and Malware. There is much new to fear on this front in 2010. There is the Stuxnet worm, apparently written by a nation to infiltrate and damage Iran’s nuclear program, but sophisticated enough to attack many industrial or electrical control systems, and hard to find and eliminate. This is only the tip of the iceberg of a new set of computer viruses and malware written by nation-states to attack each other.

Then there was a rash of Trojan viruses and keystroke loggers which infiltrated some government and school sites.  These viruses stole passwords for financial employees at these firms, and those passwords were used to steal hundreds of thousands of dollars.

And there is the appearance of malware on legitimate websites, so even innocent employees doing their job on the Internet could get their computers infected.  Cyber threats go onto my Terror Watch List.

Stop and Think, before Connecting (and also have a good firewall and anti-virus program!).

Smart Phone Apps. One problem with Smart Phones is that anyone can write an app for them, including criminals, hackers and cyberterrorists. Apple, at least, reviews and tests Apps before allowing them into the iTunes store. Such testing doesn’t happen for BlackBerry or Android apps. I really hope Microsoft does thorough testing on its Windows Phone 7 apps before releasing them into the wild. Smart Phone Apps go onto my Terror Watch List.

Water. And Fire. These remain on my watch list for the same reason as in 2008 – a broken water pipe or a fire in my data center can put it out of commission for a considerable length of time. But this year there is hope – “the cloud”. And no, the Cloud doesn’t rain on the parade of my technology. It means that many of our services and applications might eventually live in the Cloud of servers and storage in distant data centers, much less susceptible to earthquake, fire, water and other disasters.

Speaking of Fire, I have a very recent story to relate. Early on Sunday morning, October 17th, someone started a fire (probably to keep warm, as it is a place homeless are often found) behind a rented City building near 3rd and Main. That fire raced up a conduit burning through fiber and copper cables, bringing down phone and data network services to Seattle’s Fire Administrative Headquarters and main transportation department dispatch center.

The outstanding information technology staff of my department, with support from cabling contractors and Fire/Transportation department staff restored most services within 18 hours, but it illustrates why Fire remains on the Watch List.  And why skilled, dedicated, employees are the best defense against such terror.

Customer expectations. Most terrifying of all is the rise of customer expectations in the midst of the Great Recession, falling IT budgets and reduced staffing. Government employees use computers at home, use tablets and smart phones. They bank online, download apps, text message and use Facebook and blogs. But with reduced technical staff, plus a whole series of requirements like HIPPA and CJIS and the public disclosure act, the CIO Grinch has fewer and fewer resources to meet the expectation that those same tools and applications can all be used at work.

On Halloween, 2010, it is those increased expectations which really terrify me as a CIO.

1 Comment

Filed under cybersecurity, disaster, terror