• United States
Contributing Writer

Sobig’s wake is Sobig

Sep 04, 20032 mins
Enterprise ApplicationsSecurityViruses

* Sobig aftermath: IT could lay down the law on how and where computers can be used

Although the Sobig virus is still worming its way around the network, causing headaches for IT organizations, already thoughts are turning to the lessons learned. And at some companies that may mean a separation of church and state or rather: work and home.

IT departments have been grumbling for a long time about how users “use” their computers. Now, with the rapid spread of the Sobig virus, which attacked networks from all angles, IT organizations have ammunition to crack down like never before.

From surfing at work to letting family members use work computers at home, IT organizations are gearing up to take a long hard look at how “company equipment” is being used. Heading out onto the Web for some afternoon shopping or offering up a work computer for Junior to do his homework might soon be a thing of the corporate past.

IT managers are saying that these situations compromise an environment that they work hard to keep under lock and key. Adding in unknown and untrusted elements, such as non-work-related Web sites and rogue applications, just adds more work to an IT department’s ever-increasing load.

But how exactly is this crackdown going to occur? And who will be subject to it? I look at the ongoing battle that goes on when IT departments set up any kind of policy and I envision a similar struggle.

Does the policy of no “non-work” use apply to corporate executives? Does it apply to telecommuters who by their very nature meld work and home life? What about 24-7 road warriors? Should they be required to carry a “work” computer and a “home” computer for their various needs?

If you think this sounds extreme, it’s a short walk between cracking down on “at-work shopping” and putting on the brakes completely. What about doing your finances on a work computer? After all, that involves interacting with an “unknown” Web site?

As IT organizations contemplate how to go about protecting corporate data, expect some trial and error. I imagine some organizations will go whole hog and cut off all personal use, while others will wade slowly into the waters.

What do you think? Will IT departments draw the line after spending too many hours fighting the Sobig worm? Let me know at