Introducing Information Security to a Cyber Cafe

Due to growing concern over Information Security, I was approached by the director responsible for a company sponsored Cyber Cafe to evaluate the Cafe for Information Assurance and Network Security concerns. The director was concerned that a virus or other forms of cyber attack could cause extended downtime, which would have a negative impact on morale and productivity. As it turned out, the week before I started my assessment threats were received via email. Law enforcement agencies were notified and the source of the emails was tracked back to one of the Cyber Cafe Locations. The Law enforcement agencies shut down the Cyber Cafes for 2 days during the investigation. Due to the non-existence of security policies at the Cyber Cafe, it could not be determined who specifically sent the email. This incident did get the attention of upper management, which made getting approval for most of the recommendations much easier.