ForumGarden

The NHS, and the opening of a Microsoft document file with macros enabled which resulted in the local network privilege spread of ransomware.

No, NHS, you cannot blame your front-line medical and secretarial staff.

If you're NHS IT and you're responsible for a network, then simply ordering your staff to behave in a hygienic way is not adequate protection. If you now have a ransomware infection then it's a management fault for not testing the environment your technicians have put in place.

Absolutely every occasion like this is the direct responsibility of the Head of IT. The Head of IT should be fired and her reference should say why she was fired. Nothing else is ever going to force IT representation on the Board to grow a backbone instead of supinely putting up with whatever she's allocated by way of resources.

If your IT system can't fend off an external social-engineered or phishing attack which is accepted and opened by a non-IT member of staff then it's not the fool at the bottom of the food chain who is to blame, it's IT management. Mere "user education" is not a defence, it will not ever work, it is a failed excuse for not fighting your corner against your budget director when it was your turn to speak.

Shall I tell you how to check you've done your job? Isolate random bits of your live network on a weekly basis, make sure it's properly archived, and then open a Pandora's Box of every malware known to man on random user PCs and make sure none of it can penetrate your real-time defences. Throw a thousand emails at your users saying Lottery Win, Here's Your Monthly Statement, Print Job Enclosed, and tell them to open the lot. If you have no ill effects then well done, you have a protected network. And if you do that every week on small parts of the network without giving them any special treatment beforehand other than isolation, then you'll keep your technicians honest. And if your technicians don't know how to protect their network to that extent, run some adequate in-house courses.

No use talking on here, (not with the low traffic especially) better write a letter to NHS direct or Jeremy Hunt....................don't email for heavens sake.

If it's not accessible by the public then it's binned. Here it's Googled, permanent and visible.

Apparently they ignored details of a security tool a month ago. Not sure how true this is the link is from the Sun

NHS bosses admit security tool was sent around to Trusts in April - but it wasn't acted upon

https://www.thesun.co.uk/news/3560704/n ... -software/

I think a large part of the problem is a lot of managers see software as just another piece of equipment or machinery that having bought it it is used till it falls apart and just can't grasp that you need to keep it up to date and sometimes replace it altogether.

I worked for one firm and was trying to persuade them to start scanning documents at a point when they were hiring storage space to keep files. First off they couldn't grasp that they didn't have to scan all the old documents first but just stop adding to what they had. The clincher (I left shortly after) was the sarcastic comment at a management meeting that having it on the computer all very well but you also need a hard copy at times. As I politely pointed out that if you need a hard copy you just tell the computer to print the document.

Intelligent people can have remarkably little common sense I suspect a lot of companies just see IT as an expense and don't appreciate the value.

We are at a time of technological change that is barely grasps by most people. I.T. is like voodo or magic to many.

It really is frightening how these machines we rely on so much can randomly breakdown.

And the reliance on a single company supplying most of the software is horrifying.

I'd have to agree with Spot. We have such a tough firewall, that almost zero scams, malware, and phising attacks get through. There are good programs out there for your company and a little training of the employees will do the rest. If you get frozen, it's IT's fault.

Data should be handled with the same mentality medical people use to fight germs.

The Email server should be completely separate from any systems containing vital data. No secure data should be able to be compiled and sent via email. and no data received via email should be able to be added to the secured database by electronic means without a proper scrubbing.

I agree with Spot. No organization doing mission-critical work should rely on the users for systems admin tasks. Management needs to provide the budget and staff to go with centralized IT management of every system on the network. The tools are available, management needs to make it policy. It is easy enough to set up automatic system security audits and upgrades of the workstations. If they want to improve security even more, restrict the use of the network for personal devices or at least require a quick security audit of the device before it can use the network.

Bruv;1509149 wrote: We are at a time of technological change that is barely grasps by most people. I.T. is like voodo or magic to many.

It really is frightening how these machines we rely on so much can randomly breakdown.

And the reliance on a single company supplying most of the software is horrifying.


I can empathise with people who find technological change difficult to grasp but I've got little sympathy for those who choose not to learn what they need to know - I'm in my sixties and when I hear someone the same age or close to it come out with the hackneyed phrase I can't cope with all thise new technology I am always tempted to turn round and ask if they are stupid or just lazy. Even something as simple as a gps I know people who disparage those who use one unable as they are tro grasp that it is an aid to navigation - By the same token I know plewnty who cannot read or understand a map to me both are everyday life skills even the humble van driver needs to be able to use a hand held computer and bar code scanner it's a case of learn or become unemplyed..

OK I don't use facebook or twitter because I have no interest in doing so but if I wanted to I could.

But to be fair gmc.....you do struggle with keyboards.

Bruv;1509314 wrote: But to be fair gmc.....you do struggle with keyboards.


:yh_rotfl I struggle with typing properly but I don't blame the keyboard.