InfoWorld - Security Adviser: The one essential truth of computer security

/Home/Internet Security: Blogs/Internet Security: InfoWorld blog/InfoWorld: Security Adviser 2009

Unless you solve the all-important problem of locking down end-user PCs, all of your other security defenses will fail you

By Roger A. Grimes
July 03, 2009

Who doesn't love that scene in "A Few Good Men" in which Jack Nicholson's character tells Tom Cruise's character, "You can't handle the truth. I have neither the time nor the inclination to explain myself to a man who rises and sleeps under the blanket of the very freedom I provide, and then questions the manner in which I provide it. I would rather you just said 'Thank you' and went on your way."

I often feel like I'm acting out that scenario when speaking to CIOs and senior security leaders. They want me to tell them how to stop hackers and malware from invading their environments. Usually I'm consulting on some multitiered firewall/proxy/security solution aimed at protecting back-end databases. We talk about packet-inspecting firewalls, intrusion detection, two-factor authentication, and all sorts of high-tech defensive solutions that add several layers to their defense-in-depth protection.

Then I say something like, "That's all great, but it won't work." I usually have their attention by then.

Next, I throw out the inconvenient truths:

Click the URL above to read the full article