Your shout
- Posted:
- 14:48 05 Apr 2004
- Topics:
- VoIP | Security | IT Security Alerts | IT Legislation & Regulation | Personal Computers | e-mail | Databases | Laptops | Open Source Software | Regulatory Compliance | Viruses & Virus Protection | Business Continuity | Desktop Operating Systems | Spam & Phishing | Operating Systems | IT Standards & Protocols | Technical Support | Content Filtering | Software Development | IT Workforce | IT Management | Linux
Have your say at computerweekly.com
The legality of bounced virus warnings
In response to Terry Davies' comments (Letters, 30 March)
that returned virus alert e-mails are breaching the Data Protection
Act
I hope that the comments about the legality of bounced virus
warnings were more tongue-in-cheek than a serious criticism. I am
concerned that this sort of pedantry with regard to the Data
Protection Act is indicative of the attitude that led to data on
Ian Huntley being deleted, with the disastrous consequences we are
familiar with.
The Data Protection Act is there to facilitate the protection of
people and restrict the misuse of personal information that is held
about them.
Simon Mallett
Regarding Terry Davies' letter voicing his idea about making sites
that bounce virus messages to the spoofed sender's address liable
to spam and Data Protection Act laws, I have another thought. Why
not treat sites that persist in sending such warning messages the
same way we treat open mail relays?
If organisations such as Maps, for instance, kept a similar
database of sites that forwarded false warnings like these, we
would soon see this annoyance greatly reduced, if not stopped
altogether. Any site on the blacklist would find its ability to
send e-mail greatly hampered until it resolved its notification
process, giving them a stronger incentive to put their house in
order.
Bill Hart, senior project analyst, Institute of
Directors
The distinction between different titles
I have noticed many job descriptions in Computer Weekly involving
an information or systems "architect".
It may be a pedantic point to make, but as a chartered architect
employed as an IT manager, I feel it is my duty to point out the
legal status of the word. I toiled for seven years at college on
ever-decreasing grants to now enjoy the title of architect. It is
protected in law in the same way the title doctor is. It is
technically illegal for anyone other than an ARB-registered
architect to call themselves such.
Admittedly, this was originally to prevent unqualified building
designers kidding potential clients of their pedigree, but I find
it interesting to see its substitution in the place of the word
"designer" as applied to the IT industry. Is it because the people
describing themselves as such feel it is a good parallel with the
function of a traditional architect?
Maybe it sounds better, but I would suggest that many people may be
unaware of the official line. I am not proposing the practice stops
as the two jobs function in different spheres, so there is no
danger of confusion.
Richard Wallis, group IT manager, Lewis &
Hickey
The Microsoft/Linux EU decision
I for one was pleased with the EU's decision to fine Microsoft
following an antitrust hearing.
Faced with Microsoft's dominance of the PC market, a worldwide
community of software engineers, supporting Linux, have created a
truly excellent operating system, desktops and applications that
are a serious threat to Microsoft's future business.
My company has now moved over to Linux, using the latest hardware,
dual-screen configured, and has less problems than with
Microsoft.
As an engineer with more than 20 years' experience of software
engineering and eight years' of Windows, all I can say is what a
miracle the Linux-based operating systems are.
I hope that you, on your part, support the EU in its decision. We
all need an equal playing field, because without it, innovation
will be stifled by commercial interests.
Robin Colclough, chief executive, Sentel-AVC
Firewalls can hinder effective working
Further to complaints of excessive e-mail filtering (Letters, 30
March), sometimes firewall administrators can cause more harm than
benefit to a business because of over-zealous filtering based on
content.
Until recently I worked as a software developer for a major UK
company, where I needed to access a technical support web page for
some third party software we were using. The corporate filter
prevented this on the basis of "unsuitable content". A whole day
was lost in project development until I got home and could look up
the web page from there. I could not find out what word or phrase
the firewall was objecting to.
Again, as a software developer it is often necessary to send or
receive .exe files via e-mail. The corporate firewall
administrators made this impossible and provided no alternative
means, nor would they put special permissions in place.
This meant our department could not do its job. I wrote a
tunnelling program that could send and receive anything through the
firewall. Problem solved? It certainly became the software
department's most closely guarded secret.
Firewall administrators need to work with all departments and try
not to impose blanket solutions on users.
David Townsend, director, Avisoft
Slow the transition and costs to convergence
It is not surprising that convergence was one of the main themes at
this year's CeBIT show (Computer Weekly, 16 March). The reality of
voice and data convergence has come to the fore, fuelled by the
decreasing cost of network capacity.
However, many organisations keen to leverage the benefits of IP
telephony are being put off because they are led to believe that
widespread infrastructure change (and therefore significant
investment) is required prior to any deployment, irrespective of
how far they wish to go towards a fully converged model.
This is simply not true. There are a number of highly effective,
cost reducing, halfway houses. In many situations, a hybrid IP
solution is best suited to meet current and future
requirements.
The best hybrid approach enables an organisation to be 100% native
(peer-to-peer) IP at one end of the spectrum, 100% traditional
(TDM) telephony at the other end of the spectrum, and any
combination in between.
This gives an organisation the freedom to choose how quickly it
wants to adopt the latest technology, enabling a cost-effective
migratory strategy for convergence, while ensuring a future-proof
system.
There is no doubt there is still a need to evangelise the benefits
of converged networking. However, the speed at which the transition
takes place from separate voice and data networks to a converged
network is not the be all and end all.
Chris de Silva, managing director, Philips Business
Communications
IT directors could do more to prevent
viruses
Last week it was reported that 30% of organisations suffered a
serious virus outbreak last year, double the 2002 figure, and that
the disaster recovery costs for each disaster were £55,000.
Not surprisingly, this sent a shiver through the IT
community.
But should we be surprised when so few IT managers are taking the
right precautions? Cumbersome "de-install" procedures mean most IT
managers continue to rely on anti-virus products that have less
than a 100% success rate for "in the wild" testing, slow scanning
rates and do not use the most up-to-date heuristic technology.
Isn't that just asking for trouble?
Paul Brook, Aspect Systems
Outsourcing could make IT blind to its
systems
Julia Vowler's piece on outsourcing (Computer Weekly, 23 March) was
the most interesting article I have read on the subject for a long
time. But I worry that in following the strategies from the
interviews in the article (and I don't doubt they are sensible
strategies for those outsourcing), companies could find themselves
losing control of their destinies.
One problem lies in the knowledge of technology and its use. One
interviewee said companies should retain "just enough technical
skills to understand what the outsourcer is bringing and what
technology could be useful".
I struggle to see how a company can judge what technology could be
useful if it has little technical involvement in its systems, and
hence little idea of the technical strengths and weaknesses of the
arguments.
I can see how that knowledge will be in place at the start of the
outsourcing contract but, as time passes, surely that expertise
will wither away, leaving an uniformed buyer unable to make
decisions.
Iain Smith, director, Diaz Research
Mobile working leaves corporates exposed
With many employees being encouraged to work remotely, either at
home or on the road, a significant amount of company information is
being stored locally on laptops and PCs. This quickly becomes a
business continuity issue for firms that do not religiously back-up
their employee's personal computers as they would their shared
company files.
If a PC gets lost or stolen, or if the data on a large-scale
project becomes corrupted, the potential cost to the business from
just one laptop could be enormous.
Back-ups require human diligence, which is flawed. Back-ups also do
not address data accessibility across teams.
What is needed is an automated, reliable mechanism for the data
generated outside of the office so that it cannot be abused or
circumvented; a mechanism that collates the information centrally
without limiting the flexibility of the remote user.
As such technology is available, it is surely an unacceptable risk
for firms to allow employees to use personal machines which are not
in some way centrally connected to the company database. Apart from
the obvious benefits of shared information, working in this way
will ultimately be safer for all.
Les Paul, managing director, Datum Consulting
