Home » Parts of security

Add new comment

Parts of security

Submitted by alcourt on Fri, 2006-11-03 17:52.Operating System

So I've been working on an internal security review and discovering that the bulk of the issues I run into stem from the fact that the users don't seem to understand the need for an audit trail.

To me, security consists of confidentiality, authenticity, and the auditability. It's easy to explain the need for the first two, or at least, people don't need me to explain why they are a part of security. I get the normal "But we have a firewall, why do we need security?", but that's minor. But when it comes to issues that center around preserving an audit trail, I get blank stares and a complete lack of understanding as if they just don't understand at all what I'm talking about or why a security review would be remotely concerned with maintaining a record of who did what on a system.

The sad thing is even some people who should know better have failed to understand it.

Trackback URL for this post:

http://lopsa.org/trackback/870
Read the rest of this entry...
alcourt's blog | add new comment | 1432 reads

Reply


*

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <hr> <dl> <dt> <dd> <h2> <h3> <h4> <pre> <i> <table> <tr> <th> <td> <img> <div> <p> <br> <blockquote> <font>
  • Lines and paragraphs break automatically.
  • Images can be added to this post.
  • Easily link to terms in various wikis or other websites by typing [prefix:term]. Use the "|" character to create a "piped link," e.g., "[w:public transport|public transportation]" displays as "public transportation." For a full list of available prefixes and the websites to which they point, see interwiki.
  • You may use [inline:xx] tags to display uploaded files or images inline.
  • Web and e-mail addresses are automatically converted into links.
  • Web and e-mail addresses are automatically converted into links.
  • Lines and paragraphs break automatically.
  • You may use [inline:xx] tags to display uploaded files or images inline.
  • Images can be added to this post.
  • You may use [inline:xx] tags to display uploaded files or images inline.
  • Easily link to terms in various wikis or other websites by typing [[prefix:term]]. Use the "|" character to create a "piped link," e.g., "[[w:public transport|public transportation]]" displays as "public transportation." For a full list of available prefixes and the websites to which they point, see interwiki.
  • WikiText is converted to HTML (supported WikiText formatting will show in the long tip format).
More information about formatting options
Verify comment authorship
Captcha Image: you will need to recognize the text in it.
*
Please type in the letters/numbers that are shown in the image above.