Thursday

Defending the Meatspace Layer

Humans have two tendencies that make the top layer of network security the most challenging. These two tendencies sometimes apply to the same people, though not always at the same time. Each of these tendencies requires us to take different approaches to secure our data.


  1. People Make Mistakes
  2. People are Ingenious
Musical accompaniment to the next section

Mistakes - I've made a few, but then, too few to mention. We've all made them. Sometimes it's a user that gives away a password, or clicks a suspicious link. The next thing you know, you're re-imaging systems and dealing with a mess. Or maybe your systems administrator forgot to lock down a service on the mail server, and you've suddenly become the home for the latest Nigerian SPAM. The best way to combat error prone humans is with training. Systems are created by people as well, and the more complicated they are, the more likely we've created an opening for an exploit.

People are also ingenious. They find ways to infiltrate systems that look and act securely. Sometimes it's by acting as a Man-In-the-Middle, sometimes it's by exploiting a programming error that exposes a backend database (SQL Injection.) The best way to combat ingenious people is with rigorous preparation - including planning, maintenance and testing of your systems and software.

No comments:

Post a Comment

I look forward to your thoughts and open debate. Please share appropriate and professional comments. Inappropriate comments are subject to removal.