Security Basics mailing list archives

FW: Security Simplification

From: "Barbara Filkins" <filkins () impulse net>
Date: Fri, 23 Feb 2007 13:46:18 -0800

-----Original Message-----
From: Barbara Filkins [mailto:filkins () impulse net] 
Sent: Friday, February 23, 2007 1:46 PM
To: 'Stan'
Subject: RE: Security Simplification

I guess my reply to the VP is that it should not be a matter of simplifying
security but making it easier to practice.  In other words, look at the
training issues and the human usability issues involved with security.  Is
it password management problems?  Backing up systems?  Doing the things that
are needed that are too time consuming and that people see as a policy
without much purpose (unless something happens to them.) 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Stan
Sent: Wednesday, February 21, 2007 2:14 PM
To: security-basics () securityfocus com
Subject: Re: Security Simplification

* [2007-02-21] oligarchicalrule () gmail com said the following:

If you were told by a VP to simplify security for your organization, 
what you think would be a starting point?  It's seems vague.  We run 
Windows servers/desktops that are built on the same images.  We use 
Cisco switches/routers/etc.  I'm not really sure where to start.

I would start by asking him what, exactly, he meant by that. If your
security stops at the hardware and operating system levels, that's pretty
simple. Are your policies too complex for non-IT staff to understand?
Perhaps people have trouble accessing files due to tight access
restrictions?

--
Stanley D'Arderr
File Descriptor #2
Devices Directory

---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your enterprise
with BigFix, the single converged IT security and operations engine. BigFix
enables continuous discovery, assessment, remediation, and enforcement for
complex and distributed IT environments in real-time from a single console.
Think what's next. Think BigFix. 

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNe
xt/
---------------------------------------------------------------------------



---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse.  Arm your 
enterprise with BigFix, the single converged IT security and operations 
engine. BigFix enables continuous discovery, assessment, remediation, 
and enforcement for complex and distributed IT environments in real-time 
from a single console.
Think what's next. Think BigFix. 

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------

Current thread:

Re: Security Simplification, (continued)
- Re: Security Simplification Isaac Perez Moncho (Feb 23)
- RE: Security Simplification Nhon Yeung (Feb 22)
- Re: Security Simplification Christian Kopacsi (Feb 22)
- Re: Security Simplification simonis (Feb 22)
- Re: Re: Security Simplification aaarugrat (Feb 23)
- Re: Security Simplification Henry Troup (Feb 23)
  - RE: Security Simplification Herb Steck (Feb 23)
    - Where is the head and tail? WALI (Feb 26)
    - Message not available
    - Where is the head and tail? Harshal Mehta (Feb 28)
    - Re: Where is the head and tail? crazy frog crazy frog (Feb 28)
- FW: Security Simplification Barbara Filkins (Feb 26)