Wednesday, April 20, 2016

Information security

Defence in depth: Don't let your firm's security become a boondoggle


Information security (infosec) isn’t a game for amateurs. No one solution will do. Proper information security requires defence in depth: layers of technologies, techniques, best practices and incident response woven together into the tapestry of everyday operations.
Unfortunately, hiring professionals is no guarantee that information security will work, either. Perhaps the most relevant example is the United States' Department of Homeland Security's (DHS) completely useless 6-billion-dollar firewall.
The short version of the DHS debacle is that after more than a decade and $6bn of development it essentially does nothing. I have built Linux VMs using open source packages such as clamav, spamassassin, iptables, snort and squid that are more functional. I rebuild them every year. They take about a week to do properly for the latest version of the packages. I'll gladly build a set regularly for the DHS as a fully automatable virtual appliance for a lot less than $6B, if they're interested.
