“Cyber anarchists” Living In the Clouds Has Earthly Ramifications
1
“Cyber anarchists” Living In the Clouds Has Earthly Ramifications By Eric Cole Wiki leaks teaches us two important lessons. First, in the electronic age there are no secrets. The difference between a secret electronic document and a public document is literally a one click difference. Second, regardless of all of the technology that is developed, an organization’s weakest link will and always be the human. It only takes one person to do the wrong thing (either intentionally or accidentally) to have sensitive information compromised. Always remember that no matter what you do or how hard you try, you cannot stop stupid. However you can limit or control stupid by implementing proper access controls, checks and balances and reduce the footprint of a system. Does every system in an organization need to have the ability to plug in USB hard drives? If the answer is no, than why do we provide that functionality for everyone. In order to protect sensitive information and minimize data loss, leaders need to better understand their environment. The first step is to answer three key questions: 1) What is the critical information 2) What business processes utilize it 3) What servers does it reside on You cannot protect what you do not know about. Once you know what your critical information is, the next key focus is to make sure proper classification of sensitive data is implemented for all systems. In the year 2010 most companies push to store as much information in electronic form as they can. With cloud computing this information can be accessible from anywhere in the world. Has anyone ever asked if this is a good idea? While pushing functionality is important, extremes are never a good thing. We always need to achieve a balance between too much and too little information. Today, wiki leaks shows us that we are clearly putting too much information online. While it sounds simple, if information is absolutely needed to perform a job function, properly controlled online access is good. However there is so much information online that is not required for an organization to run. If you look at much of the information posted to wiki leaks, you start asking why was that information still online and accessible to people who did not require it to perform their job function. Reducing the problem space by limiting what information is available, is a critical step organizations need to take to protect themselves.
-
Upload
nuuko-inc -
Category
Technology
-
view
217 -
download
3
Transcript of “Cyber anarchists” Living In the Clouds Has Earthly Ramifications
“Cyber anarchists” Living In the Clouds Has Earthly Ramifications By Eric Cole Wiki leaks teaches us two important lessons. First, in the electronic age there are no secrets. The difference between a secret electronic document and a public document is literally a one click difference. Second, regardless of all of the technology that is developed, an organization’s weakest link will and always be the human. It only takes one person to do the wrong thing (either intentionally or accidentally) to have sensitive information compromised. Always remember that no matter what you do or how hard you try, you cannot stop stupid. However you can limit or control stupid by implementing proper access controls, checks and balances and reduce the footprint of a system. Does every system in an organization need to have the ability to plug in USB hard drives? If the answer is no, than why do we provide that functionality for everyone. In order to protect sensitive information and minimize data loss, leaders need to better understand their environment. The first step is to answer three key questions:
1) What is the critical information 2) What business processes utilize it 3) What servers does it reside on
You cannot protect what you do not know about. Once you know what your critical information is, the next key focus is to make sure proper classification of sensitive data is implemented for all systems. In the year 2010 most companies push to store as much information in electronic form as they can. With cloud computing this information can be accessible from anywhere in the world. Has anyone ever asked if this is a good idea? While pushing functionality is important, extremes are never a good thing. We always need to achieve a balance between too much and too little information. Today, wiki leaks shows us that we are clearly putting too much information online. While it sounds simple, if information is absolutely needed to perform a job function, properly controlled online access is good. However there is so much information online that is not required for an organization to run. If you look at much of the information posted to wiki leaks, you start asking why was that information still online and accessible to people who did not require it to perform their job function. Reducing the problem space by limiting what information is available, is a critical step organizations need to take to protect themselves.
