What operating system(s) do you use?
Well, I'm an OpenBSD fan. It's not perfect (nothing is), but it certainly provides you with a beginning baseline. Of course, nowadays, many technologies that were once common to OpenBSD exclusively are becoming widely available to other operating systems. For quick-and-dirty installs, though, OpenBSD rox. However, between the Patriot Act and other legislative maneuvers like it, our problems are now a tad different. Whereas we once had to "watch" crackers, we must now also watch our watchers. This presents practical issues that this or that encryption suite or firewall may not necessarily handle, so now, we need to look more to the processes by which data winds its way through our enterprises and homes. Wireless security, for example, is still, in my opinion, a disaster, and yet, many of my friends use it without a second thought (and without hardening it). These days, any sensitive work I do, I do on a laptop without network connectivity. When I'm done, I melt the drive, and buy another.
What is, in your opinion, the biggest challenge in protecting information at the enterprise level?
Lack of understanding by administrative personnel on what process models are and how these affect security. Administrators today must know - at every level - the path by which a data element passes through their enterprise (and they must visualize this path transparently). Admin folks (I mean administrative folks, not sysadmins) often don't want to spend the money necessary to transparently expose that path or process. They'd rather buy this or that product, which they think will solve all their problems. Security as a process (and not an end) just isn't their thing. It doesn't fit into garden-variety expenditure analysis models.
You mention many security tools in your book. Do you have any favorites?
That's a hard call. I see things like Nessus, for example, as constantly evolving, and anything of that ilk, I think, has a better future than some static system. However, I'd hate to plug a particular product against another. The best I can say is this: any tool that's modular, decentralized, open, and constantly evolving is likely to find itself in my CD library eventually.