Friday, May 4, 2007
Stop Disabling and Start Enabling
If information security is to ever have an ounce of credibility in a corporate world it has to stop disabling and start enabling. The days of hiding behind thick piles of self-scribed doctrine and exercising personal dogma laced with stupid egotistical power trips based on technology religion must end. If you talk to most (yes, most) folks outside of information security in an environment where this culture is allowed to exist, they will usually raise an eyebrow, get their hackles up or even laugh in your face. The locker-room conversations discuss the "thought police" and ways to not tell or involve security about what's really happening: and quite frankly I don't blame them. Why?
Because sadly some so-called security folks are nothing short of dinosaurs and I suspect exhibit many of the traits above. This article in CSOOnline proves it.
"Kill instant messaging. Stop it at the desktop via security and group policies. Stop it at the gateway. Stop it at the firewall. Death to IM. My opinion: This is the best way to go if you can get away with it. If you're running e-mail and a working phone system in a general office environment, IM is a geek-toy luxury. Simple as that."
Can you blame people? I often read things and laugh, sometimes I read them and get angry, and occasionally I read things and don't know what to say apart from "what 'wibbly wobbly' planet do you live on?"
Maybe you would like to kill all cell phones as well? Let's face it, they are really annoying. All those people talking and doing business while you try and read your newspaper with your drip coffee and Krispy Kreme.
Maybe that newfangled Internet thing should be shut off, period? After all, what's wrong with paper and carrier pigeons?
I hope the author doesn't work for a publicly traded company. If he does I am calling Kramer for a sell recommendation, and I am serious.
As Dilbert once said, "I am not anti-business, I am anti-idiot".
Yes, he is quite right about it! Another funny thing about blocking IM is that the request usually comes from managers that don't want their team spending time chatting. So they try to make Security block it, avoiding the direct conflict with the team. When I say that I'll do it only if the reasons are clearly stated to the users, they usually give up.
Mark Curphey raises a very important issue in the post above. When you start to be a problem and overreact to some threats, people will start to avoid putting Security together in their projects, as they expect the same behavior (disabling). Try to show the company that your role is not disabling things. Even when writing reports or providing feedback, try to replace the "can't be used" with a "can be used with security improvements". I know that sometimes even that is impossible, but don't discard it until you really see that there is no other option.