Firewall Wizards mailing list archives
Re: Worms, Air Gaps and Responsibility
From: Nate Campi <nate () campin net>
Date: Wed, 19 May 2004 23:17:22 -0700
On Wed, May 19, 2004 at 11:27:10AM -0400, Dana Nowell wrote:
But the community as a whole doesn't agree on a common set of best practices. Like you said, there are "plenty of information about best practices out in the wild - and increasing awareness and implementation", the implication being that there isn't a base set of rules for say small business and that what few 'rules' people do agree on are not well sorted from the 'but I think' stuff. If it was, it would start showing up in places (contracts, discussion on VPN implementations, business (not security) surveys, ...) and I don't see it.
The damndest thing happened to me a couple days ago. I went over to my 80 year old grandfather's house to look at his PC which had trouble after a windows update (possibly the first time it was ever run on a win me system). I told him how important it was to update his software regularly, since he connected it directly to a cable modem. He kinda laughed, and told me that all his important documents were created on his old Macintosh which was never hooked up to the internet. He made backups of his documents on a floppy disk and gave them to his daughter in case anything happened at his home. He didn't really care too much about the PC he used every couple days for email, and he made sure to never open any attachments he wasn't sure about, any more than he would accept items from a stranger on the street. I told him that what he just told me takes many internet security professionals years to figure out, and many network administrators never figure it out at all. When I think about where the majority of a security managers time is spent, I see that it is mostly about convincing others to design security into all their products and processes, and that basic security is mostly about common sense practices. If I'm not careful he might take my job! -- Nate "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." -- Jeremy S. Anderson _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Worms, Air Gaps and Responsibility, (continued)
- RE: Worms, Air Gaps and Responsibility Dana Nowell (May 18)
- RE: Worms, Air Gaps and Responsibility Gwendolynn ferch Elydyr (May 18)
- RE: Worms, Air Gaps and Responsibility Dana Nowell (May 19)
- RE: Worms, Air Gaps and Responsibility Gwendolynn ferch Elydyr (May 19)
- Best Practices Paul D. Robertson (May 19)
- Re: Best Practices Dana Nowell (May 21)
- Re: Best Practices Gwendolynn ferch Elydyr (May 21)
- Re: Best Practices Dana Nowell (May 21)
- Re: Re: Best Practices R. DuFresne (May 21)
- Message not available
- Re: Re: Best Practices Dana Nowell (May 21)
- Re: Worms, Air Gaps and Responsibility Nate Campi (May 21)