Computer security road bumps

Computer security programs are a great thing. There are unscrupulous people out there who would like nothing better than to access your computer or the information on it, or simply to mess it up because they can. With the right security in place, you can access the internet, do your banking online, download software or other files, play online games, do work for a company in another state without ever visiting their office, and much more – all without worrying about the viruses, worms, and other malware that is out there.

Like physical security, however, it comes with a price, and not just in the dollars spent on the software. If you keep your front door locked, you can’t tell a friend, “Just come on in, I’ll be in the kitchen working.” If you lock your car, you deter thieves, but you risk locking your keys in the car. (I’ve lost track of how many times I’ve done that. Fortunately I’ve never done it with the engine running. But I did once block the gas pump at the gas station for nearly an hour because I couldn’t move my car until my husband got home from work and brought my extra keys.) 

One of my tasks at work is to process requests made by our users to access websites that have been blocked by corporate security filters. I have an old laptop issued to me just for this purpose, to check out the sites people are trying to access. I don’t log onto the company network, so I bypass all corporate security and can access any internet site – but whatever malware the laptop may pick up can’t be transmitted back into the network.

Often the blocked sites are search portals that contain spyware or other malware. Unlike search engines such as google, they provide little if any useful information – but lots and lots of advertisements. I do my best to find the site the user really wanted, send a link to it, and explain why the blocked site was blocked. Other times the request is to download a file, and I either download it myself and send it to the user or pass the request along to our helpdesk.

Occasionally, though, I get a more unusual request. A week or two ago, a request came through to access a site tagged as “pornography.” I got out my laptop, accessed the site – and hoped nobody would walk by and see what was on my screen. I quickly closed the laptop, and tried to decide how to phrase my response to the user. Finally I settled for a bland “Are you requesting this for business purposes?”

It turned out to be the result of a typo. He had typed “alt” instead of “att” as part of the web address, and the operators of the seamier side of the internet take full advantage of such typos to redirect unwitting users to sites they would never have visited intentionally. (I suppose there must be some users who, having found themselves at such sites, will be unable/unwilling to resist the temptation to check them out.)

Sometimes the sites that are blocked are due to the ambiguity of words in the English language. There are a number of industrial tools that use a trigger mechanism, and some of them are referred to as “guns.” (I used to work for a manufacturer of abrasive blasting equipment, and an integral component of every piece of equipment was the “gun” at the end of the hose that aimed the stream of abrasive at the object being blasted.) Not surprisingly, the websites of companies that sell such tools may be mistakenly classified under “weapons.”

Sometimes there are legitimate requests to access websites that are normally off-limits. Sites pertaining to computer games and gambling are blocked, as they have no business purpose for the average user, and such sites would constitute a temptation to misuse company-issued computer equipment. Casinos and computer game publishers, however, are also potential customers of ours, and our salespeople occasionally request access to their sites to gather information they hope will lead to a sale.

Last year I processed one request to access a site on breast cancer research. (It’s rather hard for our filters to distinguish between good and bad uses of words related to human anatomy.) At least twice I’ve explained to users that they were the targets of “phishing” attempts, and that if they had been given access to the sites they requested, they would likely have become victims of identity theft. And sometimes I have to tell users that no, they can’t access personal email via the web from a company computer, and no, they can’t listen to their favorite radio station online.

It’s a very small part of my job, timewise, but an interesting one. Probably the vast majority of users on the network never make any of these requests, or think about how the security works, or what it takes to protect our users and equipment while giving them access to do the work they need to do.

Lately I’ve been thinking it would be nice if there were a similar mechanism on my home computer, to be able to send a “hey, let me do this” message and have someone tell me why it’s not working, or how to get around the problem. I installed Kaspersky Internet Security on my PC a few months ago, when my subscription to Norton AntiVirus expired. It does a great job protecting my computer, but, like our security filters at work, it blocks things that I know are safe and that I want to use.

If it would always come up with a message saying “This is blocked by Kaspersky,” it would be a minor annoyance. I’d open Kaspersky, find the blocked application, and lower the restriction (there are degrees in between trusted and blocked). But in some cases, all I get is a message saying that a file or path cannot be found, or that I don’t have access to it. I just figured out yesterday that Kaspersky was behind that, and unblocked the ftp program I use to update the family website.

A few weeks ago, I spent hours trying to figure out how to get a computer game to work, after not having played it in months (apparently since before installing Kaspersky). I tried reinstalling, but it made no difference. I found my original order # and contacted the publisher. They responded that I hadn’t bought directly from them, and I then contacted the company I had bought it from. They said that the error I reported was typically only seen on machines running Windows Vista, which I don’t have.

I had given up on playing the game again, and told myself I was tired of it anyway. But yesterday, after figuring out my ftp problem, I went into Kaspersky and unblocked my computer game. Aha! Now it runs just fine. After playing for two hours and getting no further than the last time I tried, I may be tired of it after all. But it’s nice to know I can play it if I want to.

4 Responses to Computer security road bumps

  1. I think it’s awesome that you’re a gatekeeper for Website access. More companies need to adopt your company’s mindset.

    I am curious about your statement regarding having the right security in place. For security to be that bulletproof, so that people don’t have to “worry” about malware, would mean that the security product works against unknown and undocumented threats – and a person can go to any Website, open any email attachment and run any program without concern. I have yet to encounter a security product that gives me that much confidence in protecting my computer.

    • Pauline says:

      I realize that no security is truly “bulletproof,” but I feel reasonably confident in visiting a variety of websites and downloading software from companies I do business with. No, I wouldn’t “open any email attachment and run any program” – but I can do the activities online I described without doing that.

      I keep the security set so that it is checking the emails I do open and the programs I do run – which is why I run into the problems I do when it decides it doesn’t trust a program and won’t let me use it. The ones I tell it to let me use anyway are those I used without problems for a long time in the past, before I got this security program.

      There are definitely tradeoffs involved with computer security, just as with physical security. You can’t have total security and total access at the same time. But you can have a wide degree of access and a comfortable degree of security – you just have to realize that both have their limits and have an idea where those limits are.

  2. BillS says:

    Similar to your old laptop, you could try a site like mypersonalbrowser.com which creates a new browser window off of your current computer and outside your company firewall to surf and test sites like this. If the sites have malware your current computer will be protected. Again, sort of like your old laptop approach except with a computer in someone elses data center. It’s a pay for site, though. Thought it worth a comment.

  3. ivancode10 says:

    yeah kaspersky always the best

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: