Security

 
 
By eweek  |  Posted 2004-07-19 Email Print this article Print
 
 
 
 
 
 
 


Are there any technologies that are new or unique that havent been tried before in this kind of environment? From what Ive been able to ascertain [yes], the Wi-Fi, the application of Wi-Fi in this environment, in a closed space, large number of media organizations, security concerns, also meeting the expectations. Everybodys so accustomed to Wi-Fi wherever they go. Weve been talking with some of the senior technical people at the different news organizations and everybody recognizes the challenge. So the strategy that weve taken to provide limited service in limited ways under very tight controls and circumstances is not just to say we did it but to provide a service where it needs to be. So thats one thing.
The VOIP is giving us a level of flexibility that we did not think wed have, saving us money, because we have to pay for all of our drops. So we can deploy voice over IP that helps us. It also adds some communications that we didnt have that we use. We can use instant messaging on the voice over IP. So those two applications, both of which were considered in 2000, both of which existed in 2000, but we just didnt think the technology was mature enough [then] in 2000, but we do at this point.
In 2000 we did a lot of technology just for technologys sake and this time were a little more focused. Were using technology as tools to support what were doing, support our communications, support the event. What kind of security do you have in place? Were working through three levels at the point. With Verizon, our connectivity, they have at their data center and at their POPs, layers of security, and were then running everything through our Cisco firewalls, then after that they hit an ISA Server 2004 box, which is Microsofts stateful firewall and proxy server. So between those three ... all the companies [vendors] are invested in the event and the security of this event.
Nobody wants to be responsible for a security breach. Theyve assigned top people to this and were also working with law enforcement agencies to monitor what happens, what to look for, how to differentiate between a threat and a harassment, and we have meetings with them on a weekly basis. What kind of security is in place for the staffers? We use Active Directory authentication, we do the standard enterprise password changes and complex passwords. We work very closely with human resources, who actually build the accounts when someone comes in, does the account management, so they match up names. Theres no communication gap between when the person started or left and we didnt know about it. Weve given human resources the tools to manage the user accounts so we keep a very good eye on that. We do audits all the time and theyre all layered behind our firewalls and our proxy servers. On a more practical level, we limit whos allowed to send e-mail, in and out, attachments—not just size limits, but attachments—without being too intrusive. We dont want to kind of be big brother watching everything that people do. Everybodys really focused on what they are doing, and that really helps in monitoring that situation. Did you borrow any best practices from other large events outside of the 2000 convention? Yes, from some of the other events I worked in the past, especially with the radio issue. I worked at the 50th anniversary of NATO, which was at the time one of the largest gatherings of world leaders. It was in Washington, D.C., a three-day event, with really, really, really tight security. Although Wi-Fi wasnt deployed there I saw what worked and what didnt as far as radio frequencies, cell phones, two-way pagers, so we knew for this event that if we were going to try Wi-Fi and some of these other technologies, wed have to coordinate that with the security people, the FCC frequency people. So that was one thing, early coordination. Also, speaking with some of the senior technology people with some of the news organizations, and early coordination with the city and early coordination with the venue. We worked very closely with the VP of technology and CTO at the Fleet Center about what their infrastructure is, can we use any of this, if we had to engineer any new pieces. It was done in concert with them, and I think thats really helped us a lot. So there were no surprises for either party, and we really moved forward in a partnership. Next page: Final details.



 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel