“Oh uh, here comes the Security team!” is a phrase that we hear on a daily basis. Like emergency responders, the Information Security team usually only shows up during a crisis. The rest of the time, we’re watching computer screens and examining security logs in a Security Operations Center, or preparing to send out the next notification of an impending attack or a network breech.
But behind the dark shroud of our mysterious craft, there are many friendly faces who are more than willing to work with you and, in fact, who need your help. Here are a few “secrets” that you may not know about Information Security, which you can use to help you form a stronger alliance or prevent any missteps that could cause problems for the team.
We Want You To Call Us.
Many people mistakenly feel like they are bothering the Security team when they call with an issue. However, we always prefer to hear from an employee before a security incident becomes serious. This way, we can give you excellent customer service and we won’t be rushing to control any threat that may be impacting government systems or services. If your agency has a process for submitting things such as potential phishing emails, follow the process. But when you feel like you’re in a “gray area,” or if you just want to ask a question because you just took a call from helpdesk that sounded suspicious, report it to your Security team right away.
We Can See Every Web Site You Click On.
If I had to pick one “frequently asked question” that comes up most often, this is it. And if it doesn’t come up, it is often because people are hesitant to ask. Yes, we can see every site you visit in your web browser. Remember, your agency’s Internet use policy is the guide to proper business-day browsing. And, in most cases, it is your supervisor that is responsible for ensuring that you are adhering to the agency guidance. Reviewing this information for potential security threats and providing reports to supervisors is simply part of our job.
You Aren’t Fooling Us With Your “Passw0rd.”
Many InfoSec teams perform password audits, where they attempt to log into your account using “password dictionaries” that include the most common passwords. So, please, do not think you are fooling anyone when you pick an easy password. Often accounts will be deactivated when they’re found, or worse, you might open the network up to hackers, if the team doesn’t catch the weak password before the bad guys have a chance to try it. Hackers often use the same tools we do, and they have the luxury of being able to work 24/7 from the comfort of their homes. Your Security team works business hours and often is pulled in several directions at one time.
We Know Precisely When You Download Hacker Tools.
I am convinced some people do this just out of curiosity, but when you download a tool that allows you to try to hack or scan the agency network, most anti-virus software treats it like an actual intrusion. Alarms and whistles go off in the Security Operations Center, and the team has to treat the situation as if a hacker was trying to gain access to a government network. Anyone interested in learning white-hat hacking should download those tools on their home computers or, better yet, enroll in a class. One extra warning; some hacker tools are wrapped in malware, so if you download them you might be downloading a nasty virus that could lock or destroy your home computer. The fees of a local college course on ethical hacking is probably much less expensive than replacing your PC.
You Are on Our Team.
Finally, keep in mind that all employees of an organization are the front line for the Information Security team; you are the eyes and ears of your agency. Ultimately, a government network is only as secure as the users that work on it, and agencies invest a lot of money in Security Education & Awareness Training because we rely on you. Your good judgment and your intuition can be an incredibly valuable tool to help Information Security in an investigation or during a breach.
What are your great tips for working with Information Security?