Dearest Real,

I know you and I have gotten along so well for all of these years. As far back as there has been video on the internet, you have been there. When I survived on dial-up, you were there. Whenever I installed a new mp3 player, you were there. Whenever my computer was acting up, you were there. When I moved to broadband and didn’t need streaming video anymore, you were there. When i would take a class in music history that had obvious audio that was stored on a CD, you were there. When I took this job and began to focus on what we gave to the world, you were there. Throughout this internet life, you have been here.

Knowing our long history, you might be surprised by how I feel. It might shock and amaze you; I know it doesn’t to me. But, let us look back at the “good” times.

When I first started looking at video on the internet, you were unwelcome, but required. When I survived on dial-up, you made my computer and thus, my connection slower than it needed to be. Whenever I installed a new mp3 player, you fought it for access to my files, even though I had already told you many times I did not want you to have them. Whenever my computer was acting slow, your system was attempting to gain self awareness. Once I had broadband, you refused to let go and took my downloaded video and garbled it. I deleted you after that. When my music class required your presence, I made sure to do all of my coursework on my work machine after work, just so my personal computer could be free of your influence.

With my current job, I have to have you installed on this machine. I didn’t want to, but somethings are unavoidable. You offered new features, like Message Center. You tell me I can turn it off, just like I could give my mp3 files to another player. But, in the end, you lied, just like when you told me I could give my mp3 files to another player. You cause this machine to hang for ten minutes every time I boot up. You cause me great frustration, just like every other time. And just like every other time, I wish you gone. You are the computer killer, the ultimate in virus technology. Hollywood couldn’t make up your destructive potential every day. Every day, I wonder why Symantec doesn’t see you for what you are.

I’m getting a new workstation next week, Real. And you won’t be invited to the party. I’m going to spend my time converting all of my offices video into a format free from you. I’m not looking forward to the pain of that task, but it is completely required. Our relationship is over, and it makes me joyful to be able to say that. Next time you see me lurking on the internet, go bug someone else. if they are lucky, hopefully someone who doesn’t know you will see this love letter and learn it is completely allowable to simply not get into a relationship with you.

Now, go away.

Generally here I speak of web design and development, but I do have other roles that I have played.  Today, I want to speak as a Systems Administrator and talk about security.

Security on a network level is based on a number of different factors, most of which are addressable any sort of systems group.  These include patches, firewalls, open ports, password policies, etc.  Generally the weakest link in network security is the rules.

A sysadmin must walk a fine line between enabling users to work as unencumbered as they wish and to protect the users from themselves.  For this reason, best practices must be put into place.  Hopefully an organization will also codify officially these rules so that everyone knows the playing field.

A major rule that I have always had is one in which remote access is minimized.  In fact, I call this rule “No Remote Access.”  Remote access allows for a user to (surprise) remotely access network resources (shared files on a server, etc.).  This means that I, as sysadmin, lose control of the client machines.  I can no longer verify that they are virus free, that they haven’t been stolen with all the passwords and addresses saved or written down.  In short, the portions of the network that the user has access to are compromised in such a way that I have no idea what is legitimate or not.

By enabling remote access in an organization, you are in fact greatly increasing the chance of downtime due to virus or lost data.  Does that seem smart?