RE: [ISN] Security experts question DOD cybersecurity

From: InfoSec News (isnat_private)
Date: Mon Jul 28 2003 - 03:34:30 PDT

  • Next message: InfoSec News: "[ISN] POTENTIAL USE OF OFFICIAL IDENTIFICATION, UNIFORMS OR VEHICLES"

    Forwarded from: "Everist, Benjamin S. (NASWI)" <EveristBat_private>
    
    ISN wrote:
    
    " "The advantage of a homogeneous environment, or more of a
    mono-culture, is it's much easier to manage. You train your people in
    a particular system, and they manage that system, they know all the
    security settings, you run tools to make sure they lock it down." "
    
    --kind of like McDonalds "trains" their hamburger techs to flip
    burgers, and the pickle techs to administer pickle usage.  Can this
    kind of factory-line mentality really work for IT?
    
    Taking the analogy further, suppose we say McDonalds represents the
    ideal in homogenous environments and streamlined processes. What else
    can we inherit from this model?  Rapid turnovers, poorly educated,
    under paid and over stressed employees, and indifferent service?
    
    A real security win, there.  But what I like least about the
    homogenous environment is its failure to realize the value of a
    diversity of tools for a diversity of tasks.  If all of my people are
    trained in only one tool, what happens when my needs change?
    
    /R,
    
    Benjamin Everist
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Jul 28 2003 - 06:51:56 PDT