Hospital Incident Command System Module 11 Incident Planning and Incident Response Scenarios.
A Secure-Net Holiday incident
description
Transcript of A Secure-Net Holiday incident
A SECURE-NET HOLIDAY
INCIDENT By Joy Talsma
LIKE LEO HERE, VIRUS ATTACKS COME WHEN WE LEAST EXPECT IT.How we react can mean the difference in an easily solved distraction or…
LIKE THIS CAT’S EYE NEBULA,A potential disaster of epic proportions.
WELL, ENOUGH OF THE CATNAP,Let’s get to the dilemma.
A Very Shocking Discovery
Sometimes hand-written is necessary, even in this high-tech society.
When A Virus Seems To Be Eating Away Your Life…
Joy Talsma WS 107 B Business Writing Document #1 Phone Call Memo Mr. Perez, I called Mr. Steven Thomas of Secure-Net on January 13, 2011 and these are the minutes from that conversation.
James: Hello, This is Mr. James Douglas, May I speak to Steven Thomas. Receptionist: one moment please. Steven: This is Steven, can I help you. James: I am calling on behalf of Western Technical College. We are experiencing problems with the new software. It seems a virus has gotten through it. We purchased both a firewall and the deluxe package of the Anti-virus. The computers seem to be becoming infected when they are being started for the day. Are you aware of any reason for this to be occurring? Steven: I was about to call you. Yes, there is a problem with the communication to the installing technician. She was given the wrong codes, as the payment had not cleared accounting yet. It was not her fault, as it is standard procedure for our security. Normally this would not have happened, but the recent Holidays delayed the response from our financial institution. I was aware of it before you called and this is my prepared solution. You will receive it in writing in a faxed letter right after this call. James, Secure-Net is willing to correct any and all problems as a result of this infection. For the machines that are not started up, UNPLUG the network cable before starting the machine, then change the code from KJNSK:JFH(DEMO) to KJNSK:JFH(FULL) DELUXE 2920847. This should fix this problem, as the full version of the software is always installed. The code is what gives the access to the different purchased options available. Please, be sure to double check the code before restarting the machine. When the code is correct, reconnect the cable and restart the machine. Any further problems will be solved as they are discovered. Thank you for calling, James and I do hope this solves the problem. James: Steven, Thank you for making this so much easier than it could have been. Steven: No Problem, I am really sorry this happened, but it is not as serious as it seems. Good Luck, and please let me know if I can further assist you. James: O.K. Thank you. Good-bye. Steven: Thank you, and Thanks for your understanding.
My First Approach
A Straight-Forward Phone Call With Simple Results
Looking At The Project With A Different Approach
Can Have A Very Different Set Of Results Then What We Thought.
The Expected Confirmation
What We Propose To Do Next, Can Change The Outcome Of The Entire Project.
Joy Talsma WS107 B Business Writing Document #2 Proposal To: Mr. Oscar Perez, Director From: Mr. James Douglas, ISS Administrator Date: 12 January, 2011 Subject: proposed solution to the Virus infestation PROBLEM As a result of calling Mr. Steven Thomas, of Secure-Net, we have been given new codes for the computers and need to install them. RECOMENDATION I would like to enlist the help of the ISS students in the 5th phase of study as they have the knowledge to complete the task. I am willing to adapt the lecture they are assigned to discuss the task at hand and to give them this experience. JUSTIFICATION The students need the experience, and the institution needs to get the computers up and running as soon as possible. For someone to come to the school to replace the codes we already have, seems fruitless, since Secure-Net has authorized us to use the resources we have available, to replace the codes. CONCLUSION With your permission, I will have the students working immediately. As there are several of them, the work should be accomplished quickly and efficiently. If there are any restrictions I should know about, please feel free to inform me before the students start.
A proposed Solution
Whether We Report To The World Or To A Single Entity,
We Are All To Keep A Sharp Eye on the Task At Hand.
Joy Talsma WS 107 B Business Writing Document #4, Report to Mr. Perez TO: Mr. Oscar Perez, Director FROM: Mr. James Douglas, Administrator DATE: 14 January, 2011 SUBJECT: incident of virus infestation Summary On January 12, 2011 a virus was detected in which start-up of the computers was jeopardized. The new software installation appeared to be breached, and the firewall did not stop the threat. Introduction I contacted Mr. Steven Thomas of Secure-Net to confirm the new software had been installed correctly, and his reply was unusual. It seems that with the recent holidays, there was a slow reaction time of their financial institution causing the school’s payment to be delayed in posting to our account thus the installing technician did not get the proper authorization before the install. Details The technician was assigned the install on December 22, and with the holidays, Secure-Net did not get the receipt of the payment made on December 20. This caused the technician to install the full version of the software, but with the demo version of the codes. Secure-Net uses this procedure for their payment security. Secure-Net presented me with the correct codes on January 13. With your permission, I asked the 5th phase students to help with the reinstalling of the codes. The codes worked as they are supposed to, and the problem has since been corrected. Conclusion At this time, there seems to be no further problems arising. If there are any more problems from this incident, Secure-Net has agreed to repair any and all machines affected. I do not foresee any further problems from this experience as all machines are back to their previous condition.
The Incident Report
Even If only Confirming The Outcome, We Still Need TO Pay Close Attention To The Details
The Final E-mails
One of Three Final Confirming E-mails
It May Take Three Or More Tries To Completely Confirm The Final Outcome Is Complete.
The Second E-mail. This one is the return.
We Can Either Find We Are Still In A Very Sticky Situation, Unsure Of The Results,
The Final Confirmation and declaration Document
Or We, Having Done A Project Well, Can Truly Come Out Smelling Like A Rose.Thank You For Listening.Have A Great Day!
RESOURCES
I Would Like To Thank The Following Resources For Their Internet Sites Where All Of These Wonderful Photos Came From: Pages 1 and 5. The Western Technical College Site For The Logos.Pages 2,4,6,8,10,12,14,18,20 And 21. WWW.PicsDesktop.com Pages 3 And 16.Hubblesite.org