Three simple rules of good security…

August 6, 2010

I’ve been taking a look at internetevolution recently. They are running an interesting series of ‘lectures’ about all sorts of IT related issues. Security was first up and Richard Stiennon kicked of with a talk called ‘What CXOs consistently fail to grasp about enterprise security’.

One of his slides is particularly useful. Titled ‘Three simple rules of good security’ it listed:

Secure networks assume that hosts are hostile
Secure hosts assume the network is hostile
Secure applications assume the user is hostile

I couldn’t resist adding a fourth in the comments:

‘Secure users assume the application is hostile.’

Like this:

Be the first to like this post.

Posted in All Posts | Tagged internetevolution.com, rules, security, Stiennon |

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

InfoSec 2.0