The computer magazines are full of "green' and IBM is running adverts about green that are painting the server room walls green. Green is obviously one of the hot IT buzzwords.
But what about home computing?
With the advent of DSL and cable internet many homes are running "always on" internet. This is a big "multiplier".
Those of us who are smart have a firewall at the CPE doing the 'always on' part. I also have a server that uses fetchmail to fetch the mail from all the mailboxes I have around the world, so limiting my exposure.
My firewall, for example, is an old HP Vectra desktop. It also makes a nice support for my monitor. The monitor is 'Energy Star' compliant and powers itself down. My server and laptop are more modern and have energy saving features. Since I run Linux I make use of 'powersave' to use the BIOS to throttle the CPU and shut-down disk activity.
Similar features exist for Windows.
The issue is "how many people use them?"
It would be nice for the green advocates if machines shipped with powersave features turned on, but its also easy to imagine grandma at her PC pecking out the letters while sending e-mail pausing to think what to say next and seeing her screen go blank. Panic sets in.
Ah, awareness. Always an issue.
So what does this have to do with security?
Well, apart from grandma panicking, this is one more thing that can affect issues such as availability. While a battery-conserving road-warrior will tolerate the delay of disk start-up, its not appropriate in many other settings. Certainly not in a server farm!
Often the IT world can become obsessed with issues that are tangential to its main focus. Being Green should be a corporate strategy, one that is systemic. There are many other ways that a corporation can cause energy to be consumed other than its own electrical demands.
Telecommuting might seem a good idea but do work out the details. Is it more energy efficient for workers to come to an office and turn their own home energy demands down? Crunch the numbers. It may be less expensive for the company, allow it to have smaller premises and energy demands, but all its doing if offloading its energy demands onto its telecommuters. Good for its own profits but short-sighted with respect to the community at large.
And "going green" by telecommuting has its own InfoSec risks!
Posted by Anton Aylward
I am currently available to offer InfoSec & GRC audit and consulting services through my company - System Integrity