Many years ago a colleague introduced me to the phrase “What’s the problem?”. It was useful because it helped people take a step back when they were so focused on features and solutions that they had lost sight of what problem they were trying to solve. Sometimes the problem was not even the correct problem. When companies or individuals are dealing with computer security, they often skip the step of defining the problem and go straight to solutions, and they get an environment that has all sorts of security “solutions” but doesn’t solve their security problem.
Why should a company or an individual care about security on their computers and networks? I overheard a fragment of a conversation when I was at dinner this weekend. There were two elderly women and one said “… but the Macs have better security, right? And the AOL helps too …” Unfortunately, that is how a lot of security decisions are made.
Defining the security problem for IT organizations is not simple. Many organizations large and small decide on solutions without thinking about the problem and creating requirements. One needs to define what it means to be secure in one’s environment. Understanding the environment and what needs to be protected and why it needs to be protected can help define the requirements for security. No solution can be 100% foolproof but ideally one can get the right level of security that significantly mitigates risk.
Here is a list of some diverse motivations for being concerned with security:
- The company has been breached and proprietary corporate information has been stolen.
- The company has been breached and credit card information and social security numbers have been stolen.
- The company lost many days of productivity due to a virus infection causing computers to slow down and need to be rebuilt.
- A home computer had a virus that loaded a key logger on the system, and the attackers stole all the personal information and the user’s identity.
- Laptop computers have been stolen from my company and data is at risk.
- Users are wasting time playing games on computers.
- Users are using file sharing programs, putting the company at risk for violating copyright laws.
- PCI compliance, SOX compliance …
What to do? Determine which security issues you are trying to address, define the problems, define the requirements, and then implement a solution. There is no perfect solution, but based on your environment you need to choose solutions that mitigate the key risks for your organization.
If the reason you care about security is only so you can claim compliance, you will likely not be secure, but you will be compliant. Many of the problems listed above are caused by an executable program running on the computer that shouldn’t be running. Somehow it was placed on the computer through a virus, social engineering trojan, user error, malicious intent … Savant Protection can prevent such executables from running no matter how they got on the computer system.
Savant Protection offers a flexible, low impact, easy to deploy, easy to manage layer of security that blocks unauthorized software, stops zero day attacks, prevents the creation of advanced persistent threats, prevents key loggers from running, and eliminates the need for many system rebuilds. It does this by automatically creating and maintaining an implicit whitelist of all executables on each computer system. It is a simple and effective layer of security that will only allow a process to run if it is on the whitelist.
Next week I will talk about the relationship of Security and Operations.