Has Thanet Council been negligent or did it lie?
Written by Matt B · first published 21/12/2011
I am forced to wonder if our council is being wilfully ignorant of it's use of IT or just incompetent.
I have just read a Freedom of Information request Use of Internet by Council staff and what I have read is slightly alarming.
Sophie Chadwick, the Contracts and Partnerships Relationship Manager, writes that our council does not have the means to monitor external network communication and so since 2005 has never had to discipline a member of staff for misuse of the internet. As unlikely as this voluntary compliance seems it is fully explained by the admission that our council has no way of knowing if their Internet connection is being abused.
On the face of it this seems to be the sign of an employer that is prepared to look the other way if staff browse porn or generally waste time. It also means that staff can read Thanet blogs at work which is good I think.
However there is more than just a whiff of stupidity here. Our council (and our tax money) is at significant risk due to th lack of good monitoring processes.
When a home user connects to the Internet there is not real need for them to log their activity as their web browser will do any logging that they could usefully have need of. This is not the same for a larger organisation however.
As the number of computers on a network increases so too do the chances that a computer may be compromised. Thus it is logical to have the connection controlled by a proxy server that also can act as a firewall protecting the network from the outside. It should be a simple thing to enable logging of data through-put and to pro-actively monitor for threats.
For example Thanet College has bucket loads of computers all over the place and yet has software that creates records of popular sites. If a site becomes significantly popular (for example a game (something expressly forbidden to students)) then it is flagged for administrator attention. Furthermore if some student were to be part of a digital attack on another network then the Network manager could pin point not only the terminal used but the student that was using it at the time.
This is important as if the college was not able to hand over the user in question they themselves would become liable for the actions carried out on their network. In fact they might find themselves liable anyway which is why they are so proactive in keeping track of the uses that students make of the college network.
The same goes for Thanet District Council. Our council should be aware the moment unusual number of requests are made to any given IP address and they should likewise be actively looking for signs of, say, an Open Relay or an unauthorised FTP server running. These are things that viruses are designed to set up and the best defence against them is to monitor outbound and inbound Internet traffic and to log it. With such a log one can see how long a disruption went on for and from where.
To not do so would be negligent?
From the selfsame logs it should be possible to obtain Internet usage figures for our council's staff and yet Sophie Chadwick says that the software does not exist.
I find it hard to believe that any organisation would leave itself open to that level of abuse by cyber-attacks and lazy staff. So did Sophie Chadwick simply not understand the technology or does the council really have no Point of Presence monitoring going on?
If the former is true then TDC effectively lied in a Freedom of Information Request and could be liable or they really have no protection in place and are probably already compromised by attackers and are likely to be liable.
However I look at this I see only liability and cost for the council which is something that is not acceptable.
I have just read a Freedom of Information request Use of Internet by Council staff and what I have read is slightly alarming.
Sophie Chadwick, the Contracts and Partnerships Relationship Manager, writes that our council does not have the means to monitor external network communication and so since 2005 has never had to discipline a member of staff for misuse of the internet. As unlikely as this voluntary compliance seems it is fully explained by the admission that our council has no way of knowing if their Internet connection is being abused.
On the face of it this seems to be the sign of an employer that is prepared to look the other way if staff browse porn or generally waste time. It also means that staff can read Thanet blogs at work which is good I think.
However there is more than just a whiff of stupidity here. Our council (and our tax money) is at significant risk due to th lack of good monitoring processes.
When a home user connects to the Internet there is not real need for them to log their activity as their web browser will do any logging that they could usefully have need of. This is not the same for a larger organisation however.
As the number of computers on a network increases so too do the chances that a computer may be compromised. Thus it is logical to have the connection controlled by a proxy server that also can act as a firewall protecting the network from the outside. It should be a simple thing to enable logging of data through-put and to pro-actively monitor for threats.
For example Thanet College has bucket loads of computers all over the place and yet has software that creates records of popular sites. If a site becomes significantly popular (for example a game (something expressly forbidden to students)) then it is flagged for administrator attention. Furthermore if some student were to be part of a digital attack on another network then the Network manager could pin point not only the terminal used but the student that was using it at the time.
This is important as if the college was not able to hand over the user in question they themselves would become liable for the actions carried out on their network. In fact they might find themselves liable anyway which is why they are so proactive in keeping track of the uses that students make of the college network.
The same goes for Thanet District Council. Our council should be aware the moment unusual number of requests are made to any given IP address and they should likewise be actively looking for signs of, say, an Open Relay or an unauthorised FTP server running. These are things that viruses are designed to set up and the best defence against them is to monitor outbound and inbound Internet traffic and to log it. With such a log one can see how long a disruption went on for and from where.
To not do so would be negligent?
From the selfsame logs it should be possible to obtain Internet usage figures for our council's staff and yet Sophie Chadwick says that the software does not exist.
I find it hard to believe that any organisation would leave itself open to that level of abuse by cyber-attacks and lazy staff. So did Sophie Chadwick simply not understand the technology or does the council really have no Point of Presence monitoring going on?
If the former is true then TDC effectively lied in a Freedom of Information Request and could be liable or they really have no protection in place and are probably already compromised by attackers and are likely to be liable.
However I look at this I see only liability and cost for the council which is something that is not acceptable.
Think you can do better? · read more items categorised Thanet · Don't miss a thing: Subscribe Today · Help: what's a feed? · This site is operated on set principles of policy and disclosure read them here
anon wrote:
jobserve.com
no 2
reed.co.uk
no 3
computeach.co.uk/it-training/