WARP logo  

 
Site Home
Schools Home
FAQ
Glossary
Contact us
WARP Register
FWA Software
WARP Toolbox
Introduction
What is a WARP?
Getting started
Timeline explained
 
Timeline
Benefits
Check capability
Get SMT on board
Register WARP
Install software
Establish sources
Test the system
Operation
 
Marketing
Flyers
Logos
 
 

Get the Senior Management Team (SMT) on board

Once you understand the WARP concept and how it can benefit your own set-up, and assuming that you are committed to developing one after you have checked your capability, the next step is to recruit your SMT. No project ever works without support and commitment from the very top. In commerce this means the boardroom. In education it is slightly different - it probably means support from the County Council Head of IT Department; or if a school is going to establish a WARP on its own, then from the school Senior Management Team (SMT).

This is the first and possibly most important task in setting up a WARP. So, assuming that it is you wishing to get a WARP started, your first task is to develop a report for senior management explaining exactly what a WARP does, and why it is important. The report needs to contain details about cost, effort, and benefits - and there are other documents within the WARP Toolbox that can help with all of these. However, WARPs for schools are very different to WARPs for industry or WARPs for local government, and the following points may help you develop a proposal tailored to your own requirements.

© Photographer: Solarseven | Agency: Dreamstime.comCosts

All of the actual cost is born at the Operator level. The reality is that Secondary Schools, large Primary Schools and County IT Departments may already have adequate hardware resources to run a WARP. This means that almost all of the cost will be for manpower (see below). Again, the reality is that in most cases, much of these labour requirements could be absorbed by existing manpower. It is important that your report strikes an accurate balance - if there is any existing spare capacity, then running a WARP will not involve huge costs. If there is no spare manpower capacity, then the cost of the WARP will be closely related to the cost of the additional manpower.

The actual software cost involved in running a WARP is likely to be no more than £335 for the recommended software:

  • Windows Server 2003 Web Edition (£235)

  • FWA 5.0 (£100)

  • SQL Express (Free)

The FWA (Filtered Warning Application) is software specifically designed to support the functions of a WARP. Note that you are not required to use the FWA - you could develop your own software or use a mix of packaged and free software together with manual labour.

Effort

To establish the manpower cost, you need to understand the effort involved. This falls into two parts: a one-off set-up cost for establishing the online WARP services with minimal maintenance costs thereafter, and a continuing manpower cost for administering the WARP.

  • Set-up costs are almost entirely manpower (assuming that you have sufficient hardware resources). The Filtered Warning Application software currently costs £100 for the public sector. Note that the FWA requires a Microsoft server - Windows Server 2003 Web Edition (£235). If you don't use MS systems (not likely in a schools environment) it would be possible to develop your own filtered warnings systems based on mailing lists and open source software.

    If your site already has an interactive capability, then the advice brokering and reporting elements of the WARP can just be developed and included. If this is not available, then there are numerous open source or free 'blog' applications that can be used to provide the service.

  • Administration costs occur in two areas: operating the filtered warnings service and organizing Member events.

    • The filtered warnings service is the most time-consuming element of operating a WARP. It involves selecting the warnings that are relevant to your Members, and generating a user-friendly alert containing neither too much nor too little detail ready for despatch to them. It is possible to automate this by taking feeds from an existing and perhaps larger WARP - but for this to work, you need to be sure that the needs of your own Members match the needs of your Feed's Members. For example, esoteric vulnerability warnings may not be particularly relevant to a WARP serving an environment of primarily MS Word clerical users. Such a WARP might place little emphasis on technical vulnerabilities in obscure servers. Secondary Schools are more likely to have an in-built 'hacker' community in its sixth form who might actively seek out obscure vulnerabilities on the internet in order to test their skills on the school network. For this type of WARP, vulnerability warnings can be both important and very useful.

      One difficulty with vulnerability warnings is that the official information sources (such as government CERTs) tend not to issue alerts until a patch or other solution is available. This may follow underground knowledge of the weakness by days or even weeks. Consequently, it becomes a value-judgement from individual WARP Operators on whether vulnerability warnings are useful for their Members, and whether they need to be actively sought (in order to issue alerts sooner), or passively received (in order to issue alerts later). (All of this will become clear in the section Establish sources.)

      It is therefore important that in obtaining management support for a WARP, you present the cost of manpower involvement based on your actual security needs. Unfortunately, it is difficult to quantify these at this stage - it will depend on how much support your Members need, and how actively you oversee the advice brokering and incident reporting elements. As a very loose guideline:
      • light touch, making use of peer-to-peer warning feeds from other WARPs and with the minimum oversight on the interactive elements of the WARP: approximately two hours per day
      • medium touch, being more involved with generating warnings and more direct participation in the advice brokering and incident reporting areas: more like three hours per day
      • greater involvement, actively participating in, and promoting, all aspects of the WARP: say, four or more hours per day. Some WARPs use the filtered warnings mechanism to distribute relevant security news items, feature articles and best practice guides that might be useful to the members.
        It should be stated that it is difficult to define a strict time schedule for operating a WARP. You might budget your time to allow for two hours per day working on the WARP. In practice, however, you might need to spend three hours on one day, and only one day on another. Increased operational time could happen on each 'Microsoft Tuesday'. On the second Tuesday of each month, Microsoft issues a security bulletin containing details of the latest security updates. The record number of updates on a single Microsoft Tuesday currently stands at the 26 announced in October 2006. Since exploit code often appears on the Internet within a few days of the Microsoft announcements, it is important to be able to get warnings out to your WARP members as soon as possible - and this will clearly cause a spike in your work schedule.
    • Member events are important. They build trust within the WARP. But they are also a valuable, and enjoyable, way of meeting colleagues, discussing problems face to face, and learning new solutions. It is important, therefore, to set aside some time to arrange and organize local events. Experience suggests, however, that members will start to organize their own meetings and events, so this function will become less time-consuming as your WARP matures.

Benefits to present to Senior Management

The benefits of belonging to a WARP are discussed in some detail in the first section Understanding benefits. They include

  • helping to prevent security incidents on your own network - this can save the cost and inconvenience of downtime, and reduce or eliminate the cost of recovering both your systems and your reputation.

  • developing and promoting a trusted community of colleagues - the ability to share information, and to seek and give advice to colleagues who have the same problems, leads to a more efficient and satisfying work experience.

  • collective events, such as training on issues like legal liability and compliance, can share the cost across the entire membership. This has the effect of reducing costs while at the same time ensuring that everyone is up to speed.
  • as the community matures and members begin to liaise more freely with each other, common needs become apparent. This creates an opportunity for cooperative bargaining with vendors and potential bulk purchasing discounts.

  • a WARP helps to secure your own infrastructure; and in doing this, you play a part in helping to secure everyone else's.

 

Now that you have the SMT on board the next step is to Register your WARP.

 

Back to top

 


© Crown copyright 2004
Published : 03-May-2007
Terms and conditions