Too much security is a bad thing

As far as most corporations around my neighborhood  are concerned,  the role of  IT security is to keep the authorities at bay, so that business can go on as usual. Intelligently ran business realize that they need security to safeguard what I consider the most valuable asset of theirs in the modern service economy, their data.

So a security officer is always been drawn between the need for productivity, the need to assuage the authorities AND the necessity to safe guard the corporate infrastructure. Which leads me to “Too much security  is a bad thing“.

If one designs systems and services so that they are “absolutely” secure, then it will come to pass that not even their designer can use them.Once upon a time I worked someplace where we created a log in/access system that required three different sets of passwords and three different hops through an equal number of firewalls  to get to the target machines. It was and still is very secure on paper, but it made our life so difficult that we scripted automated log in systems to bypass all that cruft. Not to mention that uploading or moving files was a nigthmare of chasing spagheti SSH connections and we had to maintain three different firewall technologies.

Too much security annuls itself. It forces people into such stress that they find ways around it. A moderate, well designed IT security model  where certain liberties are given, yet monitored, is a much better alternative. But that on another technical recipe of properly setting up an auditable bastion perimeter for data centers.

Advertisements

One thought on “Too much security is a bad thing

  1. adamo says:

    People have the tendency to think in obscure “complicated” ways because they think that this is the way to safeguard their data. “No one else will think of that”. Well, the complex setup may have gates so wide open, that indeed no one will need to think that way. What people need (aside monitoring and auditing, which is a post that I will wait for) is the ability to recover and come back online *with* data really fast,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: