Thursday, June 19, 2014

Danny Fox: SU Security Hero

An artist's rendition of a witness's description of Danny's labor.
Throughout the world there are countless people who lurk in the recesses of the internet, spending hours plotting to rob you. They don't want your physical possessions, those are too hard to move and easy to track; instead, they want something more sinister, your identity. This actually happens, and we are all vulnerable to varying degrees.

The internet is beautiful, but it can be dangerous.

Do you think your IC department stands idle as users get attacked! If you do, you're mistaken. In fact, our Information Security Officer, Danny Fox, plays the SU Network's role of both Sherlock Holmes and Batman. That's to say, he sleuths for internet clue-nuggests, and then punishes bad guys by using sweet bat-themed gadgets that his billionaire playboy status allows him to access as SU's secret hero; he does all of this from his cave-like office deep inside the basement of the Smith Library. The previous sentence might have a few embellishments, but the point is simple: Danny ensures that all SU information is safe and secure.

If you've ever met him, you know Danny is a stand-up guy. He's the type of guy that is more likely to boast about team accomplishments than personal accomplishments, and always has something pleasant to say (even on Monday mornings). Recently, I sat down with Danny to discuss one of the most integral assets of the IC department, himself.

Q: Would you mind speaking for a minute about yourself?
A: I was born and raised here in Winchester, VA.  My first job was working with my father doing landscaping and some handyman work. I got my first technology job working for a library automation software company in Inwood, WV.  I started in support, worked my way up to software testing, and my final position there was working with database integration. Then, I applied at SU.  I got a job with the pharmacy school as their Network & Technology Support Specialist. While I was working at the pharmacy school, I helped build an anti spam setup.  When the Information Security Officer position opened, it fit what I was currently doing, so I applied for it, and that is how I came to be the Information Security Officer here at SU.

Q: Do you have any hobbies when you're not at work?
A: I enjoy reading and studying history. I'm bad at dates, but I love reading about the personal side of history.  Learning about who did what, and why they did it is incredibly interesting. The mind set of people in previous eras is fascinating. Also, I used to play volleyball a lot, but then I busted my ankle.

Q: Do you have a favorite type of music?
A: My music tastes are eclectic.  Of course, I love classic rock, but I get into some new-age and contemporary music. I can sit down and enjoy almost any type of music.

Q: What is your most memorable experience at SU?
A: My most memorable experience at SU thus far would have to be when we first got serious about inspecting the computers that students brought onto campus so that we could protect our network.  I worked with Ken Lambert on a series of scripts and processes that the students would go through to make sure that their computers were as clean and updated as possible before they attached to our network.  That project evolved into an open source project that would do most of that for us. The team work involved in making it all happen, and watching it come to fruition was inspiring.

Q: Do you consider yourself an animal person?
A: I'm a dog and a cat person; I like them both equally well. I don't have any animals currently, but all my friends do.  I'm an animal uncle which means I can love on them, spoil them, get them all excited and then walk away with clean hands. 

Q: What does a typical work day in your life consist of?
A: There are no typical days. I come to work with a plan, and I always start the day by reviewing my email and logging into the systems that I monitor each day; but, after that, I am responding to what I see and monitor on a daily basis. Depending on the severity or nature of issues, I may have to pull in the network team or various server admins to work on solutions. 

Q: What are the primary systems that you work with on a daily basis?
A: I am the Google Apps administrator and I work on the firewall with its intrusion prevention system. I co-manage the firewall with our networking team.  A lot of what I do actually involves working with our networking team, and we work together very well because I evolved from the networking team.  We have to work closely with one another because if one person is not available, another person can pick up the slack so services do not get bottle-necked for our users.

Q: In a nutshell, how does the product of your labor impact end users here at SU?
A: Basically, if I am doing my job properly, nobody will ever know that I've helped them.  What I do affects people "behind the scenes." Their antivirus will be updated, and I work to protect their systems from being infected.  I work to make sure your information does not get compromised in anyway.

Q: If you disappeared into an ext-dimensional pocket for an extended period of time, and nobody took over your job responsibilities, what would happen after six months?
A: Key systems would not be updated, rendering our network more vulnerable to attacks.  Our university as a whole would be more vulnerable to online attacks. But, I would say, as a part of my job, I also work on creating documentation that would allow somebody else to take over my position should I slip into an extra-dimensional pocket of some variety.

Q: If you could give end users a quick pro-tip regarding the technology you support on a day to day basis, what would it be?
A: Backup your important data! Though, I have a quick laundry-list of things you can do to help keep yourself safe:
  • Keep your operating system up to date
  • Keep your browsers and third party applications up to date, out of date programs, applications, and operating systems are one of the primary avenues that bad guys use to exploit and take your information. 
  • Treat ALL email links as bad, and think twice before clicking them. If there is another way to get to the same location, use it.  For example, if you receive an email about your bank account and it has a link to the login page, just exit the email and go to your bank's login page as you normally would by using your browser.
  • Be careful of how your devices are used. For example, if you give your child your iPad or mobile phone, it is very easy to accidentally share secure information.  This is a huge security risk that people do not generally think of or consider. Just be cautious and monitor how your peripheral devices are being used.
The labor of Bruce Way-- I mean, Danny Fox is always present anytime you use the SU network.  Rest assured, your in good hands and your information is as safe and secure as possible. Not only do we have an excellent Information Security Officer, but he is backed up by one of the best networking teams in the business.

No comments:

Post a Comment