Multiple strategies guard youth services agency

Major corporations aren't the only ones who need to protect confidential information, ward off spam and malware, and defend against intrusion. Local youth service agencies must do the same, with far smaller budgets.

Youth Services of Glenview/Northbrook, Ill. provides counseling and support to more than a thousand children of all ages. The 10 full-time staffers offer 40 programs to address common issues including kids in trouble, socialization, ADHD and family concerns. This 30-year-old independent agency receives some money from two local governments, along with contributions and outside grants.

"Keeping to a single platform strategy, our 18 workstations all run Windows 2000," said Bill Thomas, former board member and current volunteer system administrator. The staff uses these mainly for ordinary office functions like word processing. However, they also keep an extensive database tracking every contact with every child, to generate reports on staff, kids and programs. Naturally, all this material must remain confidential and secure.

"Internal security is a real issue here, not with staff, but with problem clients trying to break into workstations," explained Thomas. Windows' own security handles most of those problems, with timed lock-downs, mandatory login passwords and routine 90-day password rotation.

Spam and e-mail-borne malware are also major concerns. As with many service agencies, e-mail addresses are freely available to the public, and consequently wind up on every spammer's list. "We have several strategies for managing our e-mail," Thomas points out. First is a separate server, used exclusively as an e-mail gateway. This keeps e-mail away from user workstations until it's scrutinized.

They also use MailSecurity and MailEssentials from GFI in Cary, N.C., to scan all incoming and outgoing e-mail. Proactive screening for malware is important -- Thomas had to rebuild the mail server after the Code Red outbreak -- but straightforward. It's the spam filtering that's tricky. "We can't do simple keyword scans, because we receive legitimate e-mail that may contain words that people normally try to block," observed Thomas. He's pleased with the software's low maintenance needs and high accuracy in dividing the wheat from the chaff.

The agency also provides Internet access to kids, so Thomas has found another trick to prevent intrusion: a freeware firewall server called Smoothwall Express that offers intrusion detection, content filtering and a Web proxy. Since it's Linux-based, that throws off Windows-oriented attacks. "It's free, which is good for an agency on a budget. Our funding isn't intended for firewalls," Thomas said. The firewall, supported by an active user community, keeps kids off blocked domains and away from questionable content.

Thomas feels more secure with the antispam and firewall protection. Further security changes can wait until an anticipated move to a new facility in three to five years. "We're taking a proactive approach on a small budget, and it's working for us," Thomas added.

This article originally appeared on SearchSecurity.com.