Security Breach ?
Aleksandar Milivojevic
amilivojevic at pbl.ca
Thu Mar 3 20:33:53 UTC 2005
Chris Strzelczyk wrote:
>
> I know what CISSP means; I work right next to one. But thanks :)
> Someday I would like to take the exam
> but I'm only 25 and I figure I can use more experience. Actually I
> figure I need more experience, I'll put this
> in the lessons learned column.

You know, the most important thing in IT security is to be able to
detect when security is breached. And you got that part all right. IT
security is no different than real security (for example, if you need to
secure a bank): prevention, detection, and reaction.

There is no ultimately secure system. Such a thing doesn't exist. There
are flaws in every system, and how often the system you administer will
be owned is a matter of statistical probability. Of course, the better
you are in "prevention", the probability of somebody breaking in will be
lower. But it is impossible to get that probability to zero.

So to make a long story short, the fact that you were able to detect
something is going wrong is far more important than the fact that
somebody broke into the system.

--
Aleksandar Milivojevic <amilivojevic at pbl.ca> Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7