We ended up joining the computers to our domain, updating their patches and setting them up with antivirus. We were fortunate that they didn’t contract malware while they were unprotected. But this incident has led me to believe that we should be scanning our entire network for unmanaged devices. That could take a really long time, given the large number of IP addresses in our network range. We’ll have to set up a special system that only does network scanning and let it run until it finishes — probably a few months to scan every IP address. Then we can compare what’s on the network with what’s in Active Directory to make sure there aren’t any more rogue computers lurking in the shadows.
This week's journal is written by a real security manager, "J.F. Rice," whose name and employer have been disguised for obvious reasons.
Sign up for CIO Asia eNewsletters.