The Holy Grail of Internet Security – finally, all our problems solved!

Last week I was scouring the web and I came across a white paper on “security threats of 2011” which I hadn’t read yet.  It was a 56 page document written by a top security organization (we all publish these reports but each company has a different spin).

There on page 41 was the fix for all our security woes!    Sure it took me a while to get there, but well worth it don’t you think?  The answer was (drum roll, please): “Secure the network perimeter.”

This made me laugh!  Really?  I have to say that anyone who thinks there is a network perimeter anymore – meaning, a definable, non-permeable network perimeter – is either smoking crack or lost in a delusional Dilbert dream where IT guys rule. That would be the fantasy where IT actually gives us mobile/portable devices of their choosing along with a set of rules we actually follow.   Useful rules like, “don’t get infected.”  Ha-ha!

And the more I contemplate this idea, the more I think it was always a fantasy.  Back when I was working for NEC’s Corporate Capital group – ten years ago – my laptop went home with me every day.  I used it for everything – my personal life and internet shopping included.  There wasn’t any rule which said not to.  Of course in those days there was a lot less malware out there (less than 100,000 pieces a year instead of 50 million).  Maybe this is what gave IT the feeling that they actually had a secure perimeter.

To make my point, let’s just take this recommendation and apply it to our homes.  If you want to keep your house from ever, ever being broken into, it’s not that difficult.  All you need do is “secure the perimeter.”  Here’s how:

1.)    Dig a moat.

2.)    Throw in some alligators.

3.)    Put a fence up so they don’t eat your guard dog.

4.)    Add a Rottweiler or Doberman to the mix.

5.)    Lock all your doors.

6.)    Don’t ever let anyone in.

7.)    Don’t ever let anyone out.

And voila, no more pesky solicitors.  Or…does someone see a problem with this prescription?

That’s right; unless we have Unabomber predilections, there are friends and family we enjoying seeing from time to time.  We need groceries and pizza, so we’d need to let those people in too.  We also enjoy going out, right?  The fact is: the civilized world as we know it has flexible boundaries everywhere you look.  Most of us go to work, leave at night and return again.  We’re able to fly (or walk or drive)  between countries.  Permeable perimeters are inherently insecure, but they are also essential to our happiness: they allow freedom, innovation, commerce and love – some pretty key elements of life, at least as us folks in civilized countries know it.

Of course sometimes we will get entrants we don’t want.  They may be masquerading as something else (as malware does, and sociopaths do) or someone may have brought them along unknowingly – as happens when we allow a laptop to be infected and bring it back into the network.  But there is no perfect solution.  The best we can do is “manage” our risk.  Whether it’s for business or home, get great anti-virus (like Kaspersky Lab AV) and follow best practices, but don’t imagine you’ll ever reach a point of having zero risk.

Because to implement what page 41 suggests perfectly, you have to be willing to give up pretty much everything to get it.

Best,

cj

Tags: , , , ,

One Response to “The Holy Grail of Internet Security – finally, all our problems solved!”

  1. jfoy says:

    I would add that information has almost become a organism and like the need to reproduce as a prime imperative for “living” things, information has a desire to be found out and shared. It just can’t be left unknown and perhaps in some strange twist of the universe, the hackers are doing the bidding of the information….

Leave a Reply

*