Secure Coding mailing list archives

Re: ZDNnet: Securing data from the threat within [by buying products]


From: "Kenneth R. van Wyk" <Ken () KRvW com>
Date: Mon, 17 Jan 2005 19:02:03 +0000


Crispin Cowan wrote:

> I completely disagree. I find the article to be timely and informative.
>
> What Kenneth suggests (use of RBAC) will not solve the problem. First 
> of all, RBAC is not practical to deploy in most situations; companies 
> are still trying to cope with AV and firewalls, and just beginning to 
> think about host and application security. RBAC is completely beyond 
> them.

Well, my main objection to the article was its advocacy for addressing 
the insider threat problem simply by buying security products.  I 
brought up RBAC simply as one example that people may consider as they 
seek solutions. 

Whether it be role-based, or a plain old-fashioned group/ACL sort of 
access control, coupled with good event logging and monitoring, I think 
that most sites would be better served by exploring the access control 
mechanisms that they currently have instead of just buying more security 
products.  That's not to say that there aren't products that may be 
highly useful, but it is to say that the solutions should start with 
well designed and implemented access control and logging.  I stand by 
that opinion.


Cheers,

Ken van Wyk
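The combination Ken argues for above, deny-by-default access control (either role-based or group/ACL style) with an audit trail that monitoring can actually consume, is small enough to show in code. The block below is an added example and is not code from the original post or from either author. The users, roles, groups, resources and timestamps are constructed sample data, and the burst threshold and window in denied_bursts are assumed values chosen for illustration.

```python
"""Added example (not from the original mailing-list post): a minimal
deny-by-default authorization layer that supports both an RBAC policy and
a group/ACL policy, writes every decision to an audit log, and runs a
simple monitor over that log to flag users accumulating denials."""

from collections import defaultdict, deque

# --- constructed sample policy data (assumed, not from the post) ---
# RBAC: role -> set of (resource, action) permissions
ROLE_PERMISSIONS = {
    "payroll_clerk": {("payroll_db", "read")},
    "payroll_admin": {("payroll_db", "read"), ("payroll_db", "write")},
    "helpdesk": {("user_directory", "read")},
}
USER_ROLES = {"alice": {"payroll_clerk"}, "bob": {"helpdesk"}, "carol": {"payroll_admin"}}

# Group/ACL: resource -> action -> groups permitted to perform it
RESOURCE_ACL = {
    "payroll_db": {"read": {"finance"}, "write": {"finance-admins"}},
    "user_directory": {"read": {"it", "finance"}},
}
USER_GROUPS = {"alice": {"finance"}, "bob": {"it"}, "carol": {"finance", "finance-admins"}}


def rbac_allowed(user, resource, action):
    """True if any of the user's roles grants (resource, action)."""
    for role in USER_ROLES.get(user, set()):
        if (resource, action) in ROLE_PERMISSIONS.get(role, set()):
            return True
    return False


def acl_allowed(user, resource, action):
    """True if the user is in any group listed on the resource's ACL for that action."""
    permitted_groups = RESOURCE_ACL.get(resource, {}).get(action, set())
    return bool(USER_GROUPS.get(user, set()) & permitted_groups)


def authorize(audit, ts, user, resource, action, model="rbac"):
    """Deny by default; append every decision (allow or deny) to the audit log."""
    checker = rbac_allowed if model == "rbac" else acl_allowed
    allowed = checker(user, resource, action)
    audit.append({"ts": ts, "user": user, "resource": resource,
                  "action": action, "model": model, "allowed": allowed})
    return allowed


def denied_bursts(audit, threshold=3, window=60):
    """Monitoring step: return users with >= threshold denials inside any
    `window`-second span. Threshold and window are assumed tuning values."""
    flagged = set()
    recent = defaultdict(deque)
    for ev in sorted(audit, key=lambda e: e["ts"]):
        if ev["allowed"]:
            continue
        q = recent[ev["user"]]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > window:  # drop denials outside the window
            q.popleft()
        if len(q) >= threshold:
            flagged.add(ev["user"])
    return flagged


def simulate():
    """Run a constructed sequence of requests and return (audit log, flagged users)."""
    audit = []
    authorize(audit, 5, "alice", "payroll_db", "read")            # allowed by role
    authorize(audit, 10, "bob", "payroll_db", "read")             # denied: helpdesk role
    authorize(audit, 15, "carol", "payroll_db", "write", "acl")   # allowed by finance-admins group
    authorize(audit, 20, "bob", "payroll_db", "read", "acl")      # denied: not in finance group
    authorize(audit, 30, "bob", "payroll_db", "write")            # denied: no such permission
    authorize(audit, 40, "bob", "user_directory", "read")         # allowed by helpdesk role
    return audit, denied_bursts(audit)


if __name__ == "__main__":
    log, flagged = simulate()
    for ev in log:
        print(ev)
    print("flagged for repeated denials:", flagged)
```

The point of the example is that nothing here is a new product: the policy tables stand in for whatever directory groups or role definitions a site already has, and the monitor is a few lines over the audit log those decisions produce. In this run, bob's three denied attempts on payroll_db within 60 seconds are the only thing the monitor reports.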