The IT Management Implications of the Strange Case of Julie Amero

By on January 25, 2007 in Uncategorized

brianboyko.jpgBy Brian Boyko
If you’re working in IT, I’d like to ask you:
With the increase in demands being placed on those responsible for enterprise networks, how will the Amero case open up threats to IT professionals – network engineers and IT managers? Will they now be held responsible for the “experience” of users?
There’s tons of commentary on the web railing about the outcome of the Julie Amero case itself, but what I think we need to talk about is, what does it mean for IT?
This case hints at a possible “worst case scenario” for IT departments and network managers in particular: will IT ultimately be held responsible, just as Julie Amero was, for the material that gets distributed over their network?
Today, IT isn’t just responsible for uptime – they’re also, in many ways, responsible for the experience of end-users of the network. In the Amero case, this appears to have been taken a bit too far. In this case, there was no record of network activity during and before the event. If the computer could have been shown to access some of the offending Web sites before Ms. Amero entered the classroom that morning, for example, it would have been powerful evidence for the defense.If the pornography sites were only being loaded after Ms. Amero walked in, it would seem powerful evidence for the prosecution. Either way, this case would have been better served if there was an existing record of what packets were downloaded when.
There are products on the market, like those from NetQoS, designed specifically to create detailed records of what goes on with the network – what happens when. Having a detailed record of network activity might have been able to provide some useful and powerful incriminating or exculpatory evidence in this case. Does your organization have such detailed insight into the activity on your network – recreational or otherwise? Something to consider?
The world of IT is becoming infinitely more complex. We are all part of the network, you and me, a network vastly more powerful than any that can be counted. How will this case and others like it impact your role in managing the network and the experience of users?
Chime in with your thoughts.

Brian Boyko is the editor of Network Performance Daily.

,

About Brian Boyko

View all posts by Brian Boyko

2 Responses to The IT Management Implications of the Strange Case of Julie Amero

  1. Corrine January 25, 2007 at 9:02 pm #

    With regard to the sentence starting with

    “If the computer could have been shown to access some of the offending Web sites before Ms. Amero entered the classroom that morning . . . “

    I call your attention to Alex Eckelberry’s post on the SunbeltBLOG where his summarization at that point is copied below in part. Note, in particular that “porn had been on the computer for quite some time.

    “A forensic examination by an expert, W. Herbert Horne, showed that the machine was infected with porn-spewing spyware. In other words, these were not popups coming from a website, they were popups created by a piece of malware on the computer. Surprisingly,the prosecution admits that it made no search made for spyware during its investigation.

    The forensic expert also found that here were multiple user accounts on the computer, and porn had been on the computer for quite some time.”

    So, do IT Professionals have a responsibility to ensure that computers and networks within their jurisdiction are properly updated and protected? Yes, absolutely, within the constraints that they are allowed by their own management or the business itself. For example, in a situation where a company has several hundred business critical applications — some off the shelf, others custom — it is not usually possible to install updates until after they have been tested.
    That, however, does not forgive the IT Professional who allows the antivirus software to expire and allows school computers to access the internet unprotected, as in the Amero case. I am sure there are other nightmare computers just like the one in that classroom not only in Connecticut, but across the United States and, in fact, in other countries as well.
    Thank you for presenting this series. Like you, Brian, I would be interested in what other IT Professionals have to say.
    Regards,
    Corrine

    Reply
  2. SheTech and Company February 16, 2007 at 2:57 pm #

    Congratulations, Brian and all concerned. This is a hot issue, and frightening on so many levels – for anyone who is the least bit familiar with computer security and the pitfalls of spyware/malware (even the slightest mis-click can lead an unsuspecting user down a horrible path!), it appears to be a gross miscarriage of justice and a deliberate attempt by the prosecution to stonewall what is clearly a pivotal defense. Why was the prosecution so interested in dispensing with the case so quickly rather than seeing justice done? Because a teacher is an easier target than a script?
    I have spent hours of my consulting career tracking down and (to the extent it was possible) cleaning up after such malware, and am sadly all too familiar with how insidious those scripts can be. Even businesses with a floor full of computers can be quickly overrun if the IT staff is not permitted to pay attention to the spyware/malware issue. I recall one architectural firm for which I consulted whose owner thought that antivirus/antispyware software was a waste of money. As a result, the company spent thousands of dollars *more* in consulting fees for infection removal.
    Could this be the case here? The school district is at fault, not the teacher, for 1) allowing the computers open access to the internet without 2) keeping the anti-malware protections up to date and 3) blocking access to such sites at the network routers! Public school systems are notoriously budget-challenged, but if those computers are facing the internet they must have up-to-date protection!

    Reply

Leave a Reply