Peter takes on the very practical task of describing practical security steps that don't require lots of time, effort, or money. They are steps that, if taken broadly, would make the world of computing a safer place.

Imagine that we live in the Middle Ages. There is chaos beyond our castle wall. We are going to design the castle using the same methods that are employed today in computer security: First we put up a strong door, but make the walls out of paper. We dig a moat, but leave it empty and easy to cross. We put up sentries, but too few, and we ignore what they are telling us. Next we take all of the valuables, put them behind the strong door, show the villains where they are, and put our weakest guards around the goods. A pass is necessary to get through the door, but it can easily be forged and allows access to the entire castle. We also send secrets to our citizens and allies, with some being encrypted strongly, others weakly, and still others not at all.

How long would such a castle stand? How long would the valuables be protected if the door were opened when anyone with a forged pass was allowed through? The point, of course, is that such a design is ridiculous, and yet we have computer facilities built exactly like this — facilities have firewalls but frequently no other form of security. External routers frequently have no access control lists, leaving a clear path from the outside to the firewall. Even when other layers are added, such as IDS, the results are useless due to too many alarms, alarms about security breaches that already happened, or ignored log files due to a lack of staffing. We lack security policies for our sites, and we don't do periodic audits and penetration tests to see whether the policies are implemented.

[ Read more ]