During the last year — though it seems like much longer — I took charge of the Information Technology/Security group at work. What I’ve learned thus far is that much of the work arises when users do something absolutely ridiculous. The thing that constantly amazes me is how often people infect their systems with a virus/worm/trojan out of sheer curiosity (or sheer something-else.)

Running a network is difficult because there’s always a trade-off between convenience and security. Security is seen as an impediment to productivity, and so that trade-off ends up being entirely skewed toward convenience.

When people are able to access webmail or mail from any other servers out of my control, the skies open up and trash comes tumbling down. Our particular W32.Mydoom outbreak was limited to a mere four regular suspects people, but surely could have been worse had I not tightened up the mail server some months ago (before I took over, the mail server had no virus scanning protection whatsoever; but that’s another story).

So, for the sake of your Systems Administrator (and for the sake of your reputation), do not open a zip file and execute the enticing but obviously scandalous executable file. Rumour has it that I’ll take my sweet time sending someone over to fix it.