Firewall Wizards mailing list archives
Re: Firewall administration
From: Bennett Todd <bet () rahul net>
Date: Tue, 7 Oct 1997 04:15:31 -0700
[ lots of interesting ideas, most of which I happily agree with, and then: ]

> From the security officer's point of view, there are two enemies: the attacker and his own management.

This statement I can't agree with. In my experience to date, my management has never been out to actively sabotage the organization; they've been trying to set appropriate policy, and just sometimes need some instruction in security issues. I give them the right info and they make good decisions. Sometimes they even surprise me with better security policy decisions than I could come up with.

Actually, my first claim isn't quite true; I _did_ once work in a company where the ``Data Security'' department had an idiot who regularly tried to sabotage the firm. We regularly cut him off and shut him down. That was pretty ugly, that was; he ended up making the whole rest of the company hostile to computer security.

> It is very important that one can say ``you ordered me to throw Sam out of the car'' when management complains about the effects of opening the hole they asked for last week. It's even more important to be able to send them a form to sign which says ``Turning on cornering will result in the inadvertent ejection of passengers. I authorize this as an officer of the company''.

I think if you've gotten to this point things are pretty awful. To date, I've been able to head 'em off before we get to implementation by explaining the risks. If ever I should be unable to do that, I'd have to figure I'm not doing my job anymore and go somewhere I can do it.

-Bennett