I used to spend my time dealing with security at a military scale for computer systems.  I was not guarding anything in terms of weapons etc, just following process for protecting documents I was managing.  If there was one thing that irked me was when people thought they were safe, but then did stupid things to completely undermine the security.  For example, going in through the main enterence involved stringent security checks, but going through the side enterance the only check was on your car speed.  My data was far less protected once physical security was compromised!

Bring this into the world of computers and my role now, many people do things to enable them to feel safe - load A/V software, run multiple malware detectors, check the patch level on their firewalls, even if they are hardware filewalls, keep their systems patched, ensure the clients and servers are locked down with their own firewalls configured and managed by policy.  I could go on, and of course you all do these things already, right?

It was a delight when I 1st heard Susan Bradley speak on security as it reminded me of the mindset from my mission critical computing days (before Microsoft, but after the Ministry of Defense).  Security is a mindset that must tackle both physical, electronic and social.  If you have the best security, but someone phoning up is given the password, your system is flawed.

There is also the great debate about can you trust your System Administrators.  The simple answer to this is that if you can not, don't let them be an administrator.  This is a very, very simple policy.  These people can access sensitive information, either trust them or replace them with people you do trust.

Finally, I came across this Technet article on Security Myths - answers some of the great questions in my mind.  My top 3 myths (paraphrasing) are:

• Lets Block all the bad stuff - and how can you tell what is bad - easier to say what is good
• I've run all my updates, got a/v etc therefore I am safe - a/v works by someone being hit 1st and others benefiting from them dying - you don't want to be the sacrifice for the better good do you?
• PC firewalls must block outbound traffic - why, if you can not trust the traffic coming FROM your PC, it must be infected, which means that the nasty can change your outbound firewall settings, so who cares.

ttfn

David