Mark Teicher [SMTP:mht@clark.net] asks:
> What determines when integrity is compromised within a firewall or internet security solution?

I would consider any breach of the company's Security Policy as compromising the security integrity of a system. Any of these scenarios fit that bill.

> Is it when the hardware/software fails to do its job?

Yes - if it fails to a less secure mode or can be caused to fail as part of a denial of service attack.

> Is it with the network architecture that was improperly designed?

Yes - if it failed to implement the security policy in the first place.

> Is it with a firewall that was not designed for a particular function?

Yes - if the firewall cannot protect against a specific type of attack (e.g., SYN floods).

> Is it with people who are not properly trained to maintain a firewall?

Yes (and common) - Changes made to the network or firewall can result in violations of the security policy because the people making those changes do not understand the security ramifications of them.

> Or is it with management who fails to recognize when people, hardware/software and policy are not adequate to sustain such a solution?

Yes (and common) - Security is a business process and as such needs the support and direction of management. Unfortunately, management often doesn't properly weigh the risk against the cost, so security devices, implementation and training are often inadequate to maintain the security policy.
"Simplify - There is no value in complexity, it's too difficult to manage."

Bill Stackpole, CISSP
Seitel Leeds & Associates          Voice: 206.283.4355
2 Nickerson St. Suite 201          Email: bstackpole@sla.com
Seattle, Wa 98109
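The reply above names SYN floods as an attack a firewall may simply not have been designed to handle. As an added illustration (not part of the original posting, and not code from Bill Stackpole or his company), the following Python sketch shows the half-open-connection accounting such a firewall would need: it tracks SYNs that are never completed by the client, expires them after a handshake timeout, and flags any destination port whose number of half-open entries exceeds a threshold. The record format, the timeout and threshold values, and the sample traffic are all constructed here for the example.

```python
"""
Added example, not from the original mailing-list post.

Assumptions (constructed for this example):
  - each record is (timestamp, src, dst, dport, flags) as a firewall
    or sensor might log it, flags being "S" (SYN), "A" (client ACK
    completing the handshake), "R" (RST) or "F" (FIN);
  - a SYN not completed within HANDSHAKE_TIMEOUT seconds is expired,
    as a firewall's state table would do;
  - a dst:port with HALF_OPEN_THRESHOLD or more simultaneous half-open
    entries is reported as a SYN flood target.
"""
from collections import defaultdict

HANDSHAKE_TIMEOUT = 5.0      # seconds a half-open entry may linger
HALF_OPEN_THRESHOLD = 50     # half-open entries per dst:port before flagging


def find_syn_floods(records, timeout=HANDSHAKE_TIMEOUT,
                    threshold=HALF_OPEN_THRESHOLD):
    """Return {(dst, dport): peak_half_open} for targets at/over threshold."""
    half_open = {}            # (src, dst, dport) -> timestamp of pending SYN
    peak = defaultdict(int)   # highest concurrent half-open count per target
    for ts, src, dst, dport, flags in sorted(records, key=lambda r: r[0]):
        key = (src, dst, dport)
        if flags == "S":
            half_open[key] = ts                 # new (or repeated) SYN
        elif flags == "A" and key in half_open:
            del half_open[key]                  # client finished handshake
        elif flags in ("R", "F"):
            half_open.pop(key, None)            # connection torn down
        # Expire entries whose handshake never completed in time.
        for k in [k for k, t0 in half_open.items() if ts - t0 > timeout]:
            del half_open[k]
        # Count what is currently pending per target and track the peak.
        per_target = defaultdict(int)
        for (_, d, p) in half_open:
            per_target[(d, p)] += 1
        for tgt, n in per_target.items():
            peak[tgt] = max(peak[tgt], n)
    return {tgt: n for tgt, n in peak.items() if n >= threshold}


def build_sample():
    """Constructed traffic: a few real clients plus a spoofed-source flood."""
    records = []
    # Legitimate clients: SYN, then the completing ACK 50 ms later.
    for i in range(5):
        src = f"192.0.2.{i + 1}"
        records.append((0.1 * i, src, "10.0.0.5", 80, "S"))
        records.append((0.1 * i + 0.05, src, "10.0.0.5", 80, "A"))
    # Flood: 200 SYNs from 200 spoofed sources within one second, no ACKs.
    for i in range(200):
        records.append((1.0 + i * 0.005, f"203.0.113.{i + 1}", "10.0.0.5", 80, "S"))
    # Background noise to another service, well under the threshold.
    for i in range(3):
        records.append((1.5 + i * 0.1, f"198.51.100.{i + 1}", "10.0.0.6", 443, "S"))
    return records


if __name__ == "__main__":
    print(find_syn_floods(build_sample()))   # {('10.0.0.5', 80): 200}
```

The point of the example is the state the check requires: a device that forwards packets without remembering which SYNs were never completed has no way to tell a flood from ordinary load, which is exactly the "not designed for a particular function" case in the reply.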