Famous last words: Our antivirus totally works

Show, don’t tell: Sometimes it’s the only way to get through to security clients. Otherwise, it’s like talking to a brick wall — many people don’t believe a security breach could happen to them and, instead, dismiss our recommendations and warnings. Only when their information is compromised do they become a powerful advocate in spreading the word about taking proper security measures.

At one point in my career, I was employed as a contractor, including at a company that handled maintenance work for large corporations in their buildings. Unfortunately, this client didn’t seem to understand the importance of updating its security measures.

[ For more stories about exasperating IT jobs, check out “10 users IT hates to support.” | Pick up a $50 American Express Gift Cheque if we publish your tech story: Send it to offtherecord@infoworld.com. | Get your weekly dose of workplace shenanigans by following Off the Record on Twitter and subscribing to the anonymous Off the Record newsletter. ]

We were hired to manage the client’s computer systems, but the company didn’t want anything changed that wasn’t already broken. Even though we offered warnings and suggested updates, we were waved away.

The company used ancient antivirus software, which — in its estimation — still worked just fine. The client continually wanted ports opened in the firewall without heed to the repercussions or alternatives. For our own sake, we kept a paper trail of all of this, noting the warnings in writing and getting sign-off for every move.

Infection alert

It wasn’t too surprising when one day I answered a call from the company and heard a panicked voice saying a virus had hit employees’ computers. Also not surprising: Being blamed for the old, out-of-date antivirus software. The client argued it was our fault for not preventing this; therefore, the company shouldn’t have to pay us to fix it.

We’d been prepared for this possibility, so it was easy to grab the company’s file on my way over. When I got there, I showed the bosses the copies of their old work orders, complete with their signatures and our warnings about the antivirus software. “No, this isn’t a free service call. We warned you about this on multiple occasions. I’m sorry, but I have to bill this out.” They quit arguing, and I got to work.

As I discovered, the virus had come in via email, inside an infected document. I recognized it from prior research and knew several of its characteristiscs: It spread by randomly emailing documents on any drive to addresses on any contacts list it could find, it kept a text log of the email addresses it tried to infect, the documents were not corrupted and could be recovered, and private information was often in the documents that were mailed out to random people.

For our client, the virus originated from a business it had on retainer, through a document that had nothing to do with the business whatsoever. The virus had mailed the company an infected contract with the text, “Here’s the document I told you about.” Of course, the person opened it to investigate. When the worker couldn’t figure out why it had come in, the employee closed it and forgot about it, but it was too late.

Cleaning up the mess

The virus wasn’t terribly difficult to remove, but tracking down all of the outgoing emails was “fun.” The client readily agreed to have us update the antivirus software and tighten up the firewall. As part of our (billed) cleanup process, we also secured written permission from our client to get in touch with the contacts who might have received an infected email. The client again readily agreed.

I wrote up a script that explained what had happened, taking care to make clear this was not a sales pitch. We called each contact on the phone and explained what was going on and what they needed to do to ensure they had not been infected.

A very few took us seriously and said they’d look into it. Some asked us to come over and look over their computers. Approximately 75 percent of them said, “Oh, we have antivirus software,” and hung up. But out of the 75 percent, about half later contacted our client to admit that, yes, they too had been infected by the virus and proprietary information was being randomly mailed out.

In the end, the situation turned out well. The client’s contacts appreciated the honesty. Some of them hired us to maintain their computer systems — including updating their antivirus software. And the client took our recommendations more seriously from then on. This particular brick wall came down.

Send your own IT tale of managing IT, personal bloopers, supporting users, or dealing with bureaucratic nonsense to offtherecord@infoworld.com. If we publish it, we’ll send you a $50 American Express Gift Cheque.

This story, “Famous last words: Our antivirus totally works,” was originally published at InfoWorld.com. Read more crazy-but-true stories in the anonymous Off the Record blog at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.