Accepting Complexity a Key Step to a Secure Environment

Carl Weinschenk

This is an exceedingly useful article from IT Security. For the past couple of decades, security professionals and those trying to push various forms of malware have played a high stakes game of cat and mouse. Consequently, many approaches to data security have emerged, each protecting against one strain of vulnerability. This complex mosaic of solutions means that one security tool can overlap with another. One layer up are approaches -- such as network access control (NAC) -- that federate the localized products into a more comprehensive offering.

The article attempts to make some sense of this highly fragmented environment; it poses nine questions that those in charge of security should pose to vendors, integrators or other experts. The writer doesn't advocate a particular approach. Rather, he is laying out the first step in suggesting to businesses how they can find out how the various approaches available (for instance, white listing, access control programs and behavior-blocking) can be harnessed in a flexible and efficient manner. The piece describes what each does and whether one makes another unnecessary.

The story offers no answers. Its usefulness is in helping those charged with protecting organizational data -- but perhaps untrained in the niceties of security -- to start organizing their thinking.

The Internet loves talking about itself, and a lot of security information is available for beginners or to decision-making C-level executives whom IT must get on board in order to get funding. Here are four places to start:

  • This piece at provides basic wireless security suggestions. These include the importance of changing the service set identifier (SSID), changing the default username and password, enabling encryption and using a firewall.
  • A readable summary at provides information on security-related topics, including firewalls, spyware/adware and associated removal tools, antivirus software, Trojan horses, ActiveX controls, operating systems, e-mail, Web browsers, local area networks (LANs) and home networks.
  • There is little text at The Beginner's Guide to Internet Security. The post links to a tremendous number of articles, sites and blogs on antivirus software and spam, popups and ways to fight them. The titles of some of these links make it likely they run far afield, but the sheer number suggests that there is a lot of valuable information available for those with persistence.

Not everybody has to be an Internet security expert. Decision makers, however, must have a basic understanding of this confusing world. The complexity comes from a couple of basic sources. The first is simply the inherent complexity of malware and viruses themselves. The second level is that the ongoing parry and thrust of good folks and bad means that there are multiple simultaneous playing fields upon which the battle is played out. The overlap between the various security measures -- where one ends and the other begins, which are duplicative and, in cases of duplication, which is more effective -- must be understood.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.