You are currently viewing Security is a process

Security is a process

  • Post author:
  • Reading time:2 mins read

There is no “magic box” security. I can’t buy a device in the market that can be plugged in somewhere and assume “I am safe”. Much like dreaming about an all-proof balloon that secures us from all diseases and attacks. There is no replacement for a healthy-diet program and being vigilant. It is the process of eating healthy, keeping yourself fit, getting adequate sleep, which builds our immunity. And being vigilant of the possible loopholes and fixing them in advance. On top of that, you add peep-through hole, burglar alarm, underground bunker, a bullet proof car or jacket or whatever else you think is necessary depending on your social status. If you are still attacked, you either go to the Doctor or Police. This entire thing is a “Process”.

Securing our computer systems, we buy a Firewall, set it up at the perimeter or at the endpoint and assume that our assets are secure. We forget the fact that firewalls need to allow traffic of our interest and that traffic might contain malicious code. And then we go for Antivirus. This is to help clean an infection after you are already attacked. And sometimes, we go for NIPS (Network Intrusion Prevention System), HIPS (Host Intrusion Prevention System), which is the balloon analogy. There is no fool-proof system that blocks all targeted attacks. All these are essential additional attachments depending on the social status (worth) of our assets. What we miss is a healthy-diet program. That is Vulnerability Management. Managing vulnerabilities is identifying the loopholes, fixing those weaknesses regularly and keeping your computer system healthy, which means security hardening your system and applying patches regularly. This entire thing, including the additional attachments, is a “Process”.

Share this article