The last two companies that I worked for had Web sites, as well as great paranoid delusions about the security threat presented posed by those Web sites. Actually, they worried about the army of miscreants lurking in the shadows waiting to attack those Web sites. So in an effort to protect data that almost no one really wanted, they bought an expensive padlock and used it to secure a balsa wood door. Let me explain.
At one place, the Web servers lived behind a firewall, surrounded by all the other stuff that's supposed to keep it safe from potential bad guys. All of that was then locked away in the computer center behind a great big door. Unfortunately, few of the IT staff had keys, so the first person to arrive each morning carded the door with a driver's license and kept it open with a power cord tied around the doorknob (the last place I worked used a phone cord). So while we were potentially protected from high-tech hackers, any disgruntled hatchet-wielding hackers were free to have a go. As did anyone who happened to wander back there after having had a bad day with the boss.
Much of the driving force behind the Herculean efforts put into security systems seems to be an effort to placate the egos of middle and upper management, who really want to believe that there are evil forces afoot, planning to abscond with their valuable data files. It's completely understandable why your management's worried, isn't it? There's a big, big market for information about your company's widgets or doodads or whatever it is that you're supposed to be fortifying, isn't there?
Okay, sarcasm aside, here's another example of having that shiny lock on the balsa wood door -- leaving your data in a form that can be used by anyone who steals it.
Whenever I read a story about how a hacker broke into a database and stole credit card numbers, my first reaction has always been: "What sort of moron stores sensitive data like that in plain text in the first place?"
Why spend thousands of dollars protecting the data, when a cheap encryption scheme would have rendered it useless? Spy couriers carry their documents in exploding briefcases. Banks tuck a packet of exploding dye in their moneybags. Fine, if you want it, take it -- it just won't be very useful. "This message will self-destruct in 5 seconds. Have a nice day, Mr. Phelps."
In a previous incarnation, I was in engineering. I had the opportunity to work with a security expert who was an ex-government spook.
His approach to security was twofold. First, he took all the standard preventative measures. But then he moved onto his second tier, which he favored: stealth and deception. One of his favorite devices at the time was a pressure mat, just like the ones that open supermarket doors. This cheap device was hidden under the rug, inside the room with the heavily protected door. Its sole purpose was to catch anyone breaking in, since having overcome the sophisticated alarms and countermeasures, the thieves would enter the room and pat themselves on the back while standing on the mat, thereby setting off the alarm that they had spent so much time and effort circumventing. He never believed that he would keep anybody out, but he made sure they wouldn't get far once they got in.
If the primary focus of a security system is to make things secure, start with the data. Hide it. Encrypt it. Password-protect it. Fix it soo that even if it's stolen or compromised, it's useless.
Keeping management happy is important -- after all, they sign the checks so to speak, but don't let corporate egos drive the effort. Try to estimate what type of target you present. Will the hackers become famous because the XYZ Widget Co. catalog was off-line for a few hours?
Probably not. Is there anything on your Web site that isn't already in your printed catalog?
The main point to a security system is to slow down the attackers long enough to be able to formulate a counterstrike or to make their presence known so that countermeasures can be engaged. But more importantly, though, don't leave things laying around in a form that's useful to everyone.
A final thought on protection versus deception. The great pyramids of Giza, though formidable, were far from impenetrable. On the other hand, the Beale ciphers are still out there.
This story, "Padlocking the balsa wood door" was originally published by Computerworld.