3 Simple Security Principles

Updated: February 02, 2010

These three simple rules help to make sense of the thousands of different security solutions available. Products and practices that conflict with these three simple rules might not be the best solution.

1. A secure network assumes the host is hostile

It has been years since a firewall that enforces policies based only on source-destination-service has been sufficient. Trusted endpoints harbor malware, are controlled by attackers, and are launching points for attacks. Network security solutions must be inline and inspect all the traffic that passes through them. They must look for viruses, worms, exploit traffic, and even unusual behavior. IDC dubs these solutions "complete content inspection" firewalls. Many vendors refer to them as UTM (Unified Threat Management). I will be publishing more on the products available to do this.

One aspect of a secure network that is often overlooked is that the computers on the inside of the network are often the danger. It could be an infected computer brought in by an employee or contractor, or it could be a poorly patched server that has been compromised by an outside attacker. Even the smallest organizations have to invest in network security solutions to block attacks from devices on the inside of the network. This is accomplished through network segmentation and by deploying content inspection capabilities internally. As threats multiply, watch for solutions that either sit on top of the access switch or incorporate the switch in their configuration.

2. A secure host assumes the network is hostile

This is another way of stating the requirement for a layered defense model. A laptop, desktop, or server cannot rely on the network to keep it safe. AV, firewalls, and anti-spyware solutions have to be installed and up to date. Patches for critical applications and the OS have to be installed as quickly as possible. Browsing shields should be turned on and Microsoft IE should not be used if at all possible.

3. Secure applications assume the user is hostile

This is where authentication and authorization come into play. One of the best deterrents to malicious behavior is the end user's awareness that their actions are associated with them (strong authentication) and logged (behavior monitoring). Many online services have failed to protect themselves from their customers. This applies to internal file sharing and community services as well.
