Archive for the ‘Uncategorized’ Category

Users Are Too Nice

Sunday, March 1st, 2009

I really like being un-PC. It is a self-protection mechanism, and besides, after 25 years of security and infowar, I have a right to be somewhat paranoid.
Cisco says there are 4 classic user mistakes. I beg to differ. They say:

  • Tailgating or letting people into offices or past security ID card checks is rampant. Screw polite. “Yo, dude. I am paranoid. I’m gonna shut the door in your face and you can use your own badge to get in.” (OK, that’s after a few drinks, or when I am losing a football bet, but point made. Be polite if you have to.)
  • Wireless access points being installed by users. I mean, WTF, mate? C’mon already. This occurs because companies don’t offer a DMZ or a safe route to the Internet for visitors. Simple answer: Install your own wireless network, provide employees with the WPA code and be done with it. Anyone who sets up a wireless network without security or IT approval should be forced to eat nothing but beets and rutabaga for a month.
  • Sharing private company data with unauthorized people is the result of poor training… and I daresay, the feeble-minded HR-wonks and legal types who are afraid to actually enforce policy. Fire ‘em. Prosecute them.
  • Mishandling corp data… like putting it on a USB stick or mobile PDA.

My list is a lot longer. Have you seen the irresponsible passwords allowed to pass muster in many companies? How about letting Microsoft documents leave a company in native format, not sanitized? Adobe was made for a reason.
I could go on… and I am sure Cisco and I would agree on a lot more problems… I just hated seeing it limited to four.

How Do You Spell FUD In German?

Wednesday, February 25th, 2009

German authorities today made this grand announcement: “The Internet is full of security holes.”

Where the hell have they been for the last two decades?

Some big announcement from the German government’s Federal Office for Information Security. Crime is on the increase. More viruses, worms and malware.

Have they not had the opportunity to participate in this discussion, offer solutions or otherwise help?

We don’t need more FUD or repetition of the obvious. “Hackers can also exploit security breaches on popular web sites…” is not constructive.

Their own studies support that users are clueless, with no A/V, firewall or other reasonable security practices. Then again, they are all probably using Windows.

Taking Chance

Friday, February 20th, 2009

I just watched a moving film about a fallen Marine who died in Iraq.

Upon his return to the States, a Marine Colonel volunteered to take him home, to his final resting place. The Colonel never let the casket out of his sight. He saw Chance loaded onto the hearse and then into the cargo area of the airport. He supervised the loading onto the first flight, and then spent the night with the casket in a Minneapolis airport holding facility. The following day he saw that the body was properly loaded on the connecting flight, off of that flight and into the receiving hearse.

The Colonel made sure that every honor and dignity was shown to his fellow Marine, and stood with him until he was finally placed in the ground.

This was the ultimate in respect and security due the most precious asset we can conceive of.

Watching this film is worth every bit of the seventy minutes of your time.