[APG Public List] Ancestry Search - Something EVERY Professional Must Consider

Christopher Gray Christopher.Gray at Newscope-Solutions.co.uk
Fri Apr 23 00:57:54 MDT 2010

Ray Beere Johnson II posted an entry on this list on 22 April 2010 21:22
regarding, what I consider to be, basic security knowledge and we ALL need
to take heed.

It is not all "gloom and doom".  This is not "scare mongering".  However we
all need to be aware and take appropriate steps to protect the interests of
our clients and ourselves.

While the recently released reports, such as that by "Infowar Monitor" of a
"shadow network" - "a complex ecosystem of cyber espionage that
systematically targeted and compromised computer systems in India, the
Offices of the Dalai Lama, the United Nations, and several other countries",
seem a long way from our humble PCs used in our profession, they are not.  A
significant number of "cyber attacks" on organisations such as the DoD,
financial institutions and your local government are believed to be carried
out with the aid of "botnets" - networks of computers in such as people's
homes, schools, libraries and companies which have been "infected" with
software inadvertently downloaded through browsing the web, using social
networks or similar.  Would you know if your computer was being used to
attack the DoD?

As well the possibility that your computer is being used against your will,
the "infection" may enable the hacker to download your data - including
sensitive reports on your clients.  You could have a neighbourhood computer
"geek" who is trying out his/her skills on their neighbours ("I'm bored -
what shall I do?"), but I would suggest that the majority of infections will
be run by automatic networks of computers looking for vulnerable computers
world-wide - for example whomever logs onto a specific site (my wife's
computer was attacked when she visited a shop's web-site selling good
quality shoes - their computer had been infected).  So they will not be
particularly interested that John DOE (1892-1963) was bigamous.  But would
you or your client be happy that such information was available world-wide?

Is your password very hard to guess?  Do you keep your operating system
up-to-date?  Do you have a computer firewall? Do you have up-to-date
anti-virus software?  Do you use separate computer accounts for accessing
the internet and working on your client's business? While I don't do the
last of these, I am considering it since it makes sense.

I agree with Ray's recommendation that basic IT security should be part of
any professional genealogists training - it is not "rocket science".  


[Christopher Gray]
Guild of One-Name Studies member 3286
Society of Genealogists - 022836
éminence grise
The Gray / Grey One-Name Study (Worldwide) http://www.gray-ons.org/

More information about the APGPublicList mailing list