Deb Hale, handler at the SANS Internet Storm Center and security administrator and abuse coordinator for a small ISP in the Midwest

How do you describe your job to average people?

I am responsible for the security on a number of servers, assorted varieties of Linux and a few Windows servers. I monitor logs and reports to watch for and block various types of unauthorized activity on our network. We have several mail servers and several webhosting servers. These servers handle webpages and email for both residential customers and small to medium size businesses. It is my responsibility to make sure that the customers data stays available and safe.

I also am responsible for all of the abuse issues for our organization. I receive FBL's from ISP's and determine what device or customer these reports pertain to. I contact the customer to help them determine the cause of the report. I also receive the copyright infringement reports and contact the customer involved to educate them on AUP for our organization.

In addition to these duties I assist with the development of the business continuity plan for our organization, responsibility for our system backups and serve on the safety committee.

Why did you get into IT security?
Prior to dealing with the security side of the house I was a principle in a consulting company that was basically an IT department for small businesses that were to small and did not have the resources to run their own IT department. The company made recommendations on all aspects running their network and fixed problems as they arose. I saw so many issues popping up due to inadequate security from the inside to the perimeter of their networks. I sold out my share in the network consulting company and decided to concentrate my focus on fixing the inadequate security problems.

What was one of your biggest challenges?
One of the biggest challenges that I face is convincing people that a lot of internal network problems can be resolved simply by fixing some of the issues that cause a breach to be possible. Until they actually feel the pain of the breach they don't see the value in planning and preventive measures.

What keeps you up at night?
Security of our network and availability of the resources that our customers expect to be available is extremely important. Many of our customers are small- to medium-size businesses. As a former small business owner I understand the importance of the customers webpage and email being available 24/7. Businesses today operate electronically. Even one hour of lost connection time can mean lost revenue. Another thing that is critical is the backups. I know that the customer is counting on me to be able to restore their webpage/email in the event that we have an internal failure.

Of what are you most proud?
In the last year we have detected and averted multiple “attacks” on our servers. We have seen a marked increase in directory harvest attacks, brute force attacks, etc and we have had no failures as a result of the attacks. We have maintained a high level of availability for our customers and have continued to make improvements on our network security.

For what would you use a magic IT security wand?
Oh, if I had a magic IT security wand and could use it to educate my home computer users that would be awesome. We deal with so many issues that are caused by our home computer users lack of understanding and knowledge about simple things like anti-virus programs, music download programs, social networking sites. Educating the home computer users would go a long way in helping with the other challenges that we face every day. I truly believe if we could eliminate the “unsecured” home computers and wireless connections we could eliminate many of the issues facing businesses today. Of course then I may not have a job.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.