Your security mirages

Some things you use to keep your systems and data safe aren’t as secure as you think

Your security mirages
Credit: darkuncle via Flickr

Yes, I was hit last week. Forensics are in progress. I got doxxed, too.

It has made me realize that most of systems security is an illusion. Here are my favorite alternate realities:

1. Everything is safe behind the firewall.
Ever heard of UBFWI—as in User’s Been Fooling With It? While IPD/IPS and firewall networked-technology has improved so vastly, there’s nothing like a user with an infected laptop to bring in a lulu.

2. Obscure operating systems never get hit. Hackers only go for the gold with Windows.
Here, let me laugh out loud and roll on the floor. Mine was an obscure server version on an obscure branch of an obscure BSD limb. Listen to the sound of lunch getting eaten: mine. Chomp, chomp, burp.

3. Use bozo port numbers so that nmap bots go away.
Those words were uttered by people who don’t read syslogs.

4. DMZs halt breaches.
Maybe—that is if there’s no smoking crater where your DMZ used to be. 

5. Security certificates are all you need.
Stick that in your SHA-1 hash pipe and smoke it. Limp linguini is still limp linguini. Face it. I’ll bet there’s some of that linguini in that fortress of yours.

6. One safe copy of the keys is all you need.
That is, until the machine is stolen, or won’t boot, or has no backup, or was hashed with a key no one can find.

7. Test? What could go wrong?
I’m not going to go there.

8. We don’t need no stinking docs and backup copies of non-existent docs.
Docs take time, organizational skills, and staying off Facebook, Reddit and Twitter. Then you have to make copies and treat them like the most valuable piece of your DR plans. 

9. Mobile Device Management (MDM) will keep BYOD problems away.
It’s true that if you’re diligent, good at configurations, read the logs, do the setup work correctly, then monitor it tenaciously, your organization can reap great benefits from MDM and Mobile Application Management (MAM). None of them I’ve reviewed were perfect, and some went a long way towards thinking things through—the benefit of the scar tissue that experience as a reminder. Unattended, they’re a mess, and they cost ongoing deployment personnel costs and monitoring. It’s not a panacea, but it can help. 

10. Nobody has time for training.

And those will be my parting words for this week.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.