There has been a lot of discussion about whether or not a Museum is a
likely target for hackers.  In my humble opinion, it is better to be
safe than sorry.  The answer is very simple:

Confidential information should not be network-accessable.  Data from
departments such as the Registrar's Office, Business Office, Personnel,
and Security should be protected completely.  Extremely sensitive
information such as detailed building plans, electronic security specs,
insurance values, employee information, and investigations should
ideally be held in self-contained systems with very limited access.
Most of these goodies can be kept on a single PC, under lock and key.
Back-up copies must also be secured from theft and fire, preferably
off-site.

All museum staff need to be security conscious.  Those managing
information systems should make it their first priority.  Jim Angus is
right about a couple things:

1.  Anyone with enough knowledge and incentive can get into a network.
2.  The greatest risk may come from an authorized user.
3.  Leave hyper-sensitive info OFF the network.

Why take chances?  It's not worth it!

<')))><

Christian C. Burke
Seurity Operations Manager
Inter-Con Security Systems, Inc.
Los Angeles County Museum of Art
mailto:[log in to unmask]