“Don’t touch this server. Ralf set it up, and we don’t know what he does.


Based on a true story…

Over two decades ago I went to work for a network and web company as a customer marketing department. It was a crazy time. Online marketing was getting into DMOZ, Lycos was still a puppy, asking Jeeves to want to talk to an AI, and the way you laid out your HTML tables had more of an impact on your search rankings than any high PageRank inbound link ever. Google, shmoogle – it will never beat Dogpile. In pre-bubble times, the ring servers were all called Fodo, Bilbo, and Gandalf. Password1 (with a capital P) was pretty much de rigueur, and on-demand cloud computing was part of William Gibson’s novels. For networking, web development and IT support companies, it was like the Wild West – and the digital frontier was open for business.

As I sat down at my new desk, one of my new colleagues said to me, “Watch your feet; there is a server down there. We don’t know what’s on it. Ralf set it up before moving to Canada.

It was, if memory serves, an old 486 on its side. This may be the corporate mail server. It could be the print server. This may be saved customer data. There could be an in-house firewall deployed on it. Maybe it was a dedicated monitoring server. Either way, be careful and leave it on. It must be important after all, or why would Ralf set it up?!

For two years I sat there with this humming box of RF radiation between my feet. Terrified of kicking him. Paranoid about unplugging it. Making sure there was enough ventilation to keep doing what it was doing. All the time my knowledge of these things grew as I wrote about networking and technology, and so one day – probably while looking for an abandoned Sharpie – my eyes fell on the back of this server. That’s when I realized that while there was an old fashioned ethernet cable, it had taken a beating at some point and was hanging out of the wall socket, serving no purpose.

I decided to find out what the fuck was on this thing and dragged it (along with its maze of dust bunnies) out into the light of day. Plugging in a monitor and keyboard, and just 10 minutes later, I discovered the truth. Ralf had set up a local network for games after work, and it was the dedicated Doom server. For three years this thing had been plugged in, sucking in watts, slowly cooking my ankles, doing next to nothing.

The more things change, the more they stay the same

In many ways, not much has changed. In telling this story to a friend, she told me that the previous year she had found a copy of the interactive text-adventure game “The Hitchhiker’s Guide to the Galaxy” (by Infocom, circa 1984) on a legacy warehouse data that had been blindly copied and copied for decades.

If only this were all as innocent as outdated computer games. Organizations store masses of unknown, untapped, and unstructured data in structured, semi-structured, and unstructured data stores on-premises and in the cloud. Much of it is dark data. It’s a waste of space, resources and energy, often in violation of local data laws, and manual sorting is nearly impossible. From old server log files and outdated account data to long-forgotten shipping information and decades of email, corporate data repositories are filled with the daily byproducts of our ongoing digital interactions.

Some of this information may actually be valuable. It may be able to help organizations make more informed business decisions by analyzing data from the past, or it may just take up the space they pay for without any other application.

According to research firm IDC, the volume of unstructured data will reach 175 zettabytes by 2025. A high percentage of this volume will no doubt be the modern equivalent of Ralf’s Doom server.

A call for discovery and classification

It is a long and laborious process to uncover the unstructured data an organization has. GDPR (and other standards) mean that organizations must maintain a comprehensive inventory of personal data and then classify that data. Without insight into this data, this is impossible.

IT and security teams need to identify all their data sources, assess their current technology stack – including servers like Ralf’s, get real-time access, take advantage of data lakes, clean the data, and then recover it , categorize, classify, compartmentalize, and segment it for future use. It’s no small feat, but at some point it will have to be done – and the sooner the better the policy. Doing this manually is a nightmare, but organizations need to know (and have visibility into) the location, volume, and context of structured, semi-structured, and unstructured data stored across all their data repositories.

We have a solution for this. Imperva Data Security Fabric Discover and Classify (DSFDAC) enables busy security teams to do this upfront and enterprise-wide. Powered by machine learning, it scans corporate networks to reveal where databases are located and what kind of information they contain. DSFDAC enables organizations to find sensitive, hidden, and exposed data, then protect it before it is discovered by bad actors and auditors. It offers clear and actionable suggestions for compliance and categorization. It creates and maintains a detailed, real-time inventory of data in an organization and can create automated, scheduled scans to identify any sensitive business data. I wish I had this in the 90s.

Thank you, Ralf, wherever you are. You taught me a valuable lesson and one that I will never forget. It makes me wonder how much unexplored data is another Ralf server, how much has a legal protection requirement, and how much actually has real commercial value.

The message “Do not touch this server. Ralf set it up, and we don’t know what he does. appeared first on Blog.

*** This is a syndicated blog from the Security Bloggers Blog Network written by Nik Hewitt. Read the original post at: https://www.imperva.com/blog/dont-touch-that-server-ralf-set-that-up-and-we-dont-know-what-it-does/


About Author

Comments are closed.