Traditional approaches to information security are incapable of dealing with today's threats. Just as the attackers have evolved, so the security industry needs to adopt new architectural models and techniques to deliver appropriate protection without imposing unnecessary costs. In a nutshell this is the thesis of our latest …
Security is easy...
... just dont give any access to users!
a. Use single sign on authenticated on a hardware device
b. Only allow authenticated and encrypted end-to-end encrypted communication.
c. Run your software from a readonly device
d. Don't download and run software over the Internet.
I would add
e. Physically separate (no copper, no fiber, no wireless, no exception) your critical assets from the Internet
f. Give preference to spending on hiring competent people instead of buying the latest bells and whistles technology that vendors might shove at you
g. Stop outsourcing human thinking to software. Computers are supposed to work for us not to think for us.
I don't necessarily agree with the idea of off-loading everything to the could. Besides, wasn't relying on the could part of HB Gary's downfall? (Among a myriad other things, yes, I know)
off-loading everything to the could.
Because they cloud?
Not just C I A?
I like the whitepaper's take on breaking down the aspects of security into more practical bites. I wouldn't recommend sharing this paper with our clients, this is a very security professional audience focus. I would recommend keeping things simple, there is a benefit to maintaining Confidentiality, Integrity, and Availability as a selling tool to interested parties when talking about security practices.
"...Just as the attackers have evolved, so the security industry needs to adopt new architectural models and techniques to deliver appropriate protection without imposing unnecessary costs. ...."
I don't think we need a NEW architectural model - with today's frameworks it is possible to construct an architecural model for an enterprise that does take into account the realities of data replication.
What we do need is more diligent application of architectural approaches.
- Vid Hubble 'scope scans 200,000-ton chunky crumble conundrum
- Bugger the jetpack, where's my 21st-century Psion?
- Google offers up its own Googlers in cloud channel chumship trawl
- Interview Global Warming IS REAL, argues sceptic mathematician - it just isn't THERMAGEDDON
- Apple to grieving sons: NO, you cannot have access to your dead mum's iPad