Comments
How To Make Information Security Everyone's Problem
Newest First  |  Oldest First  |  Threaded View
jfeldman
50%
50%
jfeldman,
User Rank: Strategist
3/29/2012 | 6:36:06 PM
re: How To Make Information Security Everyone's Problem
Best comment ever: "A lot of IT security, if we are honest, is like putting your head under your desk in the case of a nuclear attack."
Sam Iam
50%
50%
Sam Iam,
User Rank: Apprentice
3/28/2012 | 12:32:42 AM
re: How To Make Information Security Everyone's Problem
I think the cure is often, not always, worse than the disease in the case of IT security. Installing anti-virus software on PCs for instance. Good thing you have that anti-virus software on your PC, otherwise someone could install software that slows down your system and puts annoying pop-ups all over the place... which is exactly what the anti-virus software itself does to your system.

Think about the collective amount of time and money (money in form of productivity) that goes into something like 60-90 day password changes. It has to be in the billions across all companies. Not to mention that people need to store their passwords somewhere, like on a post it note, so they don't forget their many, constantly changing passwords... which, again, is more of a security vulnerability than not requiring forced changes in the first place.

I am not saying that people should drop IT security altogether, just that they should stop treating every end-point as if there is an army of hackers bound and determined to crack it. Often times people implement the most elaborate IT security measures under the sun to protect data which isn't of particular value to anyone.

A lot of IT security, if we are honest, is like putting your head under your desk in the case of a nuclear attack. If a talented hacker wants into, for instance, a Windows network, you are not going to be able to stop them regardless of your security standards.
Bprince
50%
50%
Bprince,
User Rank: Apprentice
3/27/2012 | 4:18:09 AM
re: How To Make Information Security Everyone's Problem
"Human vulnerabilities--ignorance, inattention, gullibility--are just as exploitable as software vulnerabilities, if not more so." -- Very true.
Brian Prince, InformationWeek/Dark Reading Comment Moderator


The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.