Just because I’m paranoid doesn’t mean…
By kemer on Aug 01, 2012
While I’m a passionate computer user–recognized within my family and circle of friends as a reigning (or at least old) geek–I spend at least as much time warning people to be careful as I do showing them the cool things they can do with their computers. I’m shocked at the widespread complacency over computer and network security and privacy: we should all be afraid. Very afraid. I only need remind you of recent security breaches with LinkedIn and Dropbox!
I have been in the business of publishing systems best practices for over a decade: security has been a keystone topic all those years. The good news is that high levels of security can be achieved: you just have to be smart about it. With a few exceptions, security isn’t something we actually sell, because it is dominated by relatively unglamorous concepts, processes, and practices, not extra hardware and software.
Because of this, security experts often find themselves trying to teach really fundamental (and, after the fact, obvious) concepts. For example, in building a secure environment, you want to make sure your platform fulfills four important points:
- It must be able to prevent or minimize the damage caused by both accidental and malicious actions. This is referred to as survivability.
- It provides a layered set of defenses so that secure operations continue even after a vulnerability or the failure of a single security control. This is referred to as defense in depth.
- It provides only those services that are absolutely necessary to the function or user. This is referred to as least privilege.
- It must be able to detect and report a breach. This is referred to as accountability.
We just posted an important article, written by three security experts I have worked with for a long time: Best Practices for Securely Deploying the SPARC SuperCluster T4-4. In building a solution that will survive a world of sophisticated cyber-criminals, it is more important than ever to pick the correct hardware and software platform. This article gives you a crash course in the things to consider, an explanation of the special features of the SPARC SuperCluster T4-4 that will make your job of creating a secure environment easier, and (most importantly) how to go about putting things together.
This is a big and important topic. Once you have digested this “Reader’s Digest” article, I’m confident that you’ll want to look at the references listed at the end. Now is the time to get smart about security.