Should I Tighten Security?

Home Forums Miscellaneous Should I Tighten Security?

This topic contains 14 replies, has 13 voices, and was last updated by  Greg Berry 11 years, 3 months ago.

  • Author
  • #68690

    Steve Ressler

    I created GovLoop with the spirit of openness. I allow “the government community” to join – which ranges from strict fed/state/local/int gov’t employees, to academics, to good consultants (not BD/marketers) and students.

    The pros of this is that we have a really interesting, diverse community. People can join quickly and get access to start discussions. I warn and ban members if they misbehave.

    The cons is that there is occasionally some misbehavior like a spammer today for about 20 minutes before it was reported and the member banned.

    I’d love to hear your take on my two options:
    1) Keep the same and it is okay that there will be a very occasional misbehavior. That’s the cost of an open and collaborative community.

    2) Every new member must submit their membership and cannot get access until I approve it. This will delay their ability to get into the site but should prevent any misbehavior from the occasional spammer/bot.


  • #68718

    Greg Berry

    Option 1 for now, until you figure out the best way to handle the approval process effectively.

  • #68716

    Mary Davie

    I’d say keep it open if you can. Spam happens. Will depend on your resources to deal with it in the future as the membership grows. Remember that we already deal with spam in many aspects of our online lives such as email, Twitter , phone, etc and we just know it happens.

  • #68714

    Ed Pastore

    I’d also say keep it open. In almost every case, spammers are only hurting themselves with spam on sites like this, so it’s not like you’re enabling them in any way.

    If you have the resources to implement it, you could have a tag-as-spam option and let the users handle it. (That is the 2.0 way, right? 🙂 Anything which gets two spam tags gets hidden, and you can review it at your leisure to see if anything was mis-tagged.

  • #68712

    Marc Drummond

    If you had a good process for approval, I’d say option two. I think it could be a better community if there was some sort of knowledge that people interacting on the site actually are a part of a governmental organization or regularly interact with governmental organizations.

  • #68710

    Denise Hill

    Ahhh. With option number 2, you would be a very busy beaver. Let me ponder as I write. If you had option number 2 in place when I joined, I would not be a member. I did gradually check out GovLoop. I like the welcome open collaborative feel of GovLoop and the quality of the people that are here committed to the open sharing of thoughts. However, it would really be a shame if misbehavior ruined it. Is there a 1.5 option of having new members key in a code as displayed on the page as a cautionary measure against the occasional spammer/bot. Requiring a first and last name would be an option. Just pondering options that would not require your personal attention (at least 4 now).

  • #68708

    Henry Brown

    Have been a member of a Yahoo Group for close to 6 years now. When the group was first stood up it was open to any and all and the spam/email harvesting was rather rampant. After close to a year where a significant amount of time was spent removing members because of abuse We decided (via a e-vote) to require approval of new users…
    IMO it was a needed change, and although it changed the work-load for the manager(s) it dramatically reduced (DID NOT eliminate) the spamming/email harvesting

    The requirement of “pre-approval” is going to have a significant impact on your work-load unless you are able to do some delegation

  • #68706

    Paulette Neal-Allen

    I think it should stay an open group. We’re all grown ups here, and we all know where the delete key is. Yes spam is annoying, but so is junk mail in my snail mail box and I deal with it.

    I do like Ed Pastore’s suggestion for a tag-as-spam feature and let the members of the community take care of it, if that’s possible within the NING framework.

  • #68704

    Ed Albetski

    I agree with most of the others in letting GovLoop remain as it is. I remember the Internet when it was a trusted zone full of contractors and students with tools like telnet and ftp. We acted like guests on other peoples’ systems and got along. Let’s see when was this? The Truman adminstration? Only when we opened it up to those who cannot even spell TCP/IP did things climb into the handbasket. If we’re all Gov people, we do rules pretty well.

    I’d like to see it kept as open and friendly and easy to use as it is now, for as long as you can, Steve.

  • #68702

    Andre Goodfriend

    I agree with the majority that it’s beneficial to have this as an open system.

    I would personally prefer that more fields in a person’s profile be required, but even this would stop people from making up information. In the month or so that I’ve been on Govloop, I’ve come across three spammers. One was a person with a near empty profile, no postings except for the uploading of a video, who wanted to be “friends” and two others like “helen” from yesterday who sent a similar message and asked that I contact them at an external email.

    I have to assume that there are security risks here and anything written here could be printed publicly or taken out of context. But, that’s the nature of an open system, and I have to behave and write accordingly.

    In many ways it’s probably good practice for us to write and interact, knowing that this is an open environment. It lets us maintain an informal style, while all the forcing us to interact in a professional manner.

  • #68700

    Elaine Pack

    I like option 3. Let anyone join but have them automatically moderated until you release them. This keeps the spam out, yet allows the lurkers to enjoy all benefits of the site until they choose to post.I co-moderate a VERY large and active Yahoo site that works this way and it works quite well.The overhead work to release new posters is minimal, and the badboys never get to the list. Or badgirls–let’s not be sexist 🙂

  • #68698

    Michael P. Bishton

    Thank you for creating GovLoop.
    1. Open is as open does. It is a principal worth exploring. The conversation’s the thing, wherein we’ll capture the conscience of the king (with apologies to Shakespeare). Or at least have some promising conversations with each other.

  • #68696

    Steve Ressler

    Great thoughts and would love to hear more. Couple thoughts:

    1) Check out the “Report an Issue” button which is at the bottom of every page. This is the best way to report a problem and people always do a great job reporting and I’d encourage people to do more. If reported, I hop on it and fix the problem

    2) Seems like the general philosophy to keep the spirit of openness. As always I’m going to let the community lead the way on this discussion and keep it as is for right now. But I will monitor the situation and potentially move to moderated if really needed.

    And as always would encourage more thoughts and comments….


  • #68694

    Allen Sheaprd

    I hope not.

    My original work with computers was on UNIX on a VAX and PDP-11 and things where wide open (think stone age just after punch card era when CRTs where introduced) People played nice.

    I hope we can work together openlly and if need be tighten things down instead of tighten them down now and never give us a chance to show that we can work well together. Let us earn an open system or let us earn a closed one.

    The only thing I want is the ability to clean up offensive posts. Even trusted friends will make mistakes and say the wrong thing – only to regret it later. The President himself made a bad comment on Jay Leno without meaning too.

    Just my thoughts.

  • #68692

    Allen Sheaprd


    Hi. It looks like your goal is not to restrict access to Gov employees only but to help prevent fly by one time posters.

    How do you feel? Is that right?

You must be logged in to reply to this topic.