Security Basics mailing list archives
Re: "It's ok we're behind a firewall"
From: "Chris Travers" <chris () travelamericas com>
Date: Sat, 22 Feb 2003 18:59:52 -0800
My own perspective is this--- Internal security is just *different.* This is one of the reasons for the firewall. If a company didn't have a firewall, I am still convinced that they would be at *far greater* risk to external rather than internal threats. But that doesn't address the following issues: 1: Many companies have sensitive documents that need to be protected-- controlling access to these minimizes the chance of leaks. 2: Would any executive want everyone in the company to have unlimited access to sensitive information like corporate bank account numbers, credit card numbers, etc? So we can establish the need for internal security. My own preference is to divide up areas into security zones and determine how each zone (logically or preferably physically) is to be secured. Are ethernet ports in conference rooms a good idea? Is the risk that they bring in acceptible? What about wireless LAN? What are the business benefits? What are the risks? Also it is extremely important to remember that the entrepreneurs or execs are the ones responsible for defining acceptable risk. It never hurts to keep people thinking about that-- and rather than saying "you have a security problem." I usually say "Is this risk acceptible? How does ___ benefit your business? Whould ___ work for you as well?" Anyway, this is my $.02 worth. Best Wishes, Chris Travers
Current thread:
- "It's ok we're behind a firewall" John Brightwell (Feb 20)
- RE: "It's ok we're behind a firewall" Duane H. Hesser (Feb 22)
- Re: "It's ok we're behind a firewall" Gene Yoo (Feb 24)
- Re: "It's ok we're behind a firewall" Alessandro Bottonelli (Feb 22)
- Re: "It's ok we're behind a firewall" Chris Travers (Feb 24)
- <Possible follow-ups>
- re: "It's ok we're behind a firewall" H C (Feb 20)
- RE: "It's ok we're behind a firewall" Ben Schorr (Feb 22)
- Re: "It's ok we're behind a firewall" David Vertie (Feb 24)
- RE: "It's ok we're behind a firewall" James Liddil (Feb 24)
- RE: "It's ok we're behind a firewall" Chris Santerre (Feb 24)
- RE: "It's ok we're behind a firewall" Duane H. Hesser (Feb 22)