Sun, Feb 27 2005 21:06
Oh my gawd...the enemies are out there....oh no...they are in here.... The Security mentor brings up something along the lines of my password issue..... it's an issue I call “the balance”. Every day, each one of us take our expertise and talent and try to balance the forces of needing to do our jobs, needing to secure the information we are caretakers for. The most secure information is locked up away never shared. But....you see.... the best solution to our problem might be to share that information.
So every day we connect and communicate and open the holes and go through the firewall and pass the syn acks and all that.
And every day we balance the access with the abilities it brings. Push your end users too much security restrictions and you restrict interaction and stifle creativity and business. Enable freedom too much and you have insecurity all over the place.
There's a balance...and that balance costs.
One of the ways to help set the line, to help determine the right costs for that balance is analyzing and putting mental boundaries around data. Even if your computer systems don't categorize data in a “high risk“, medium or low risk, you should. What is the data that should never ever be let out the castle gates? Make sure everyone in the office knows to treat that data as carefully as possible.
When it comes right down to it a lot of this really comes down to the 'people' part of the equation. Make compliance with 'doing the right thing' too hard and people will find ways around it. Make the choices easier to do, and people don't mind 'doing the right thing'.
Sometimes the worst enemy of all.... is you.
Filed under: Rants