|
|
Friday, July 23, 2004
|
|
| |
I mentioned here that it seemed contradictory to me that someone can advocate both privacy and full disclosure in the same breath. I have thought a bit more about it and have become even more convinced that this is worth pursuing.
The old saying "some information just wants to be free" apparently does not apply to personal information that is protected in various laws and regulations, like personal health information, activity-based information (i.e. what porn sites have I been visiting), financial information, and even demographic information (my email address). But of course the real issue with privacy is... disclosure. As in, who is allowed to disclose this information, and to whom?
Disclosure is this other piece of information - we disclose all sorts of information both inside the security space - vulnerability information, hacker instructions, etc. and outside - how to break other systems, publicly available (yet nicely packaged) information about sensitive locations, etc.
In general, those who are vocal about disclosure are adamant that the information is currently available and so the packaging and distribution don't matter. Those who are vocal about privacy (the same people? ;-) are adamant about protecting this information...which is currently available anyway. Hmmm, can someone help resolve this for me?
4:16:30 PM 
|
|
Clarity is often gained by offering multiple dimensions of an issue, problem, or topic. For example, a quick way to think about endpoint security is to consider the question of whether the endpoint is managed or unmanaged and whether it is connected or disconnected. Our options, then, are:
- Managed/connected - a state where these days we seem to worry much more about the network than any single endpoint, due to concerns about worm propagation. When we have control over the endpoint (managed), we can do things like install personal firewalls, antivirus, and a monitoring agent. Since it is also connected, we can evaluate the state of one or more of those three items and determine whether they have been providing the necessary protection.
- Unmanaged/connected - the best examples of these systems are kiosks and customers. These are intended to be valid users but because they are unmanaged they may also be rogue devices. Certainly, contractor connections fall into this category as well. In general, these scenarios are extremely dangerous in today's environments, and we are addressing them in two primary ways - first, through network-based security to identify rogue devices, and second, by interrogating the client via an activex component or other type of quick download.
- Managed/disconnected - we seem to be generally neglecting this category as of late, perhaps because it has been a part of our environments for so long. As laptops continue to dominate the endpoint landscape, personal firewalls and antivirus solutions are being modified to cope with the different networked environments that are being accessed.
- Unmanaged/disconnected - in general, we don't care about these and have no way to protect them anyway.
Just some thoughts.
3:54:18 PM
|
|
|
|
© Copyright
2004
Pete Lindstrom.
Last update:
7/23/2004; 4:17:41 PM.
This theme is based on the SoundWaves
(blue) Manila theme. |
|
| July 2004 |
| Sun |
Mon |
Tue |
Wed |
Thu |
Fri |
Sat |
| |
|
|
|
1 |
2 |
3 |
| 4 |
5 |
6 |
7 |
8 |
9 |
10 |
| 11 |
12 |
13 |
14 |
15 |
16 |
17 |
| 18 |
19 |
20 |
21 |
22 |
23 |
24 |
| 25 |
26 |
27 |
28 |
29 |
30 |
31 |
| Jun Aug |
|
