SecurityRatty: Security Thoughts

Virtualisation - Welcome Back to the 90s.

2008-07-03 06:37:00 by Allen Baranov, CISSP in Security Thoughts

...Security wasn't so tight in those days but it was usually good enough and the box could happily do what it needed to do Along came Microsoft and produced the idea of "one box - one service". You can't seriously consider running your domain controller as a file server. What are you thinking? And to put mail on the same box? No way. In fact,...

Tags: server, file server, server box, box, mail server, mail, multiple applications, multiple, sql server

Andy sees the light

2008-07-01 13:40:00 by Allen Baranov, CISSP in Security Thoughts

...security. What is also known as "whack-a-mole" security or knee-jerk reaction. Essentially, something goes wrong and we put in controls in case it happens again. Then something else goes wrong ... we put in something different. Ad infinitum The name "whack a mole" comes from the game where you have a mallet and you keep whacking plastic...

Tags: whack-a-mole, whack, whack-a-mole solutions, solutions, block specific, turn-key technology solutions, block, mole, technology

CISSP is here to stay! Sorry, Dre.

2008-06-20 11:14:00 by Allen Baranov, CISSP in Security Thoughts

...Information Security position is no longer very important, specialisation is the only way to go I disagree. I am a CISSP and an InfoSec "generalist' but that is not why I disagree I love it when I read a blog and then read another about a totally different topic but that in some way relates to the first blog. And the second blog I read...

Tags: information, information security position, security, meetings, blog entry, cissp, blog, infosec career, firewall specialist

The Future of Information Security in Two Sentences

2008-06-06 11:09:00 by Allen Baranov, CISSP in Security Thoughts

...Information Security will be in the future and it seems that I am in total agreement with Gartner. The problem is that it has taken me many posts and much typing to put onto the Internet what Gartner sums up in two sentences The next generation data center is adaptive it will do workloads on the fly, [ Neil MacDonald, vice president and...

Tags: security, information security, info-centric security, future, gartner, gartner sums, process-centric security, generation data center, vice president

Henry Ford and Agility (Once you are secured - whats next?)

2008-06-05 14:04:00 by Allen Baranov, CISSP in Security Thoughts

...Information Security and IT computers are now cheap because of efforts by companies such as Microsoft and IBM and Intel to make computers accessible to the man in the street. Of course, in doing so they have made Information Processing (creating information, storing it, working with it, moving it) very messy. Information flows all over and...

Tags: information security, information, henry ford, information security nirvana, henry ford lost, processes, tie processes, information flows, business

Information Centric Security is dead!

2008-05-22 06:11:00 by Allen Baranov, CISSP in Security Thoughts

...Information Security Blogger unless you declare something dead so I will do that with Info-Centric Security So, what do I elect to replace this with? Process-centric Security I think that as we get closer to Information Security Nivana (and isn't that what we really want?) we will start to get closer to the point where we look at Business...

Tags: information, information security blogger, information centric security, information security nivana, information classification, process-centric security, process, dead, define processes

Thinking out the box

2008-05-22 05:50:00 by Allen Baranov, CISSP in Security Thoughts

...Information Security will have to adapt in the next few years This will take some time to secure and will take some time to get accepted but this is (IMHO) coming so brace yourselves. Life is going to get very interesting, especially for the Information Security guys out there This is actually not a new concept - Novell and Sun were working...

Tags: information centric security, information, information security, manage information, information security guys, security, extreme web, web, data

Because Hackers Don't Care... (Why Metrics Don't Work)

2008-04-29 13:23:00 by Allen Baranov, CISSP in Security Thoughts

Lets start with some statistics 99% of all workstations with up-to-date antivirus Antivirus blocks over 99% of all malware That is amazing! That is great stuff to show the IT Director, CIO, CSO, mom and to put on the wall. But, yet, a company I know (not the one I work for) still managed to get a virus which brought about some painful...

Tags: antivirus blocks, antivirus, virus writer, virus, network, network downtime, pcs, risk, residual risk

Security Catalyst Forums

2008-04-29 06:17:00 by Allen Baranov, CISSP in Security Thoughts

...Information Security and to harvest some of their ideas are the Security Catalyst Forums . Registration is free and gets you access to some really amazing people Each week someone volunteers to sum up the last week's postings and this week is my turn so here goes Andrew Hay is doing his CISSP and has been given a lot of advice by the...

Tags: security catalyst forums, catalyst, information security, information, smart people, people, security catalyst initiatives, numerous blogs, infosec anymore

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo