Technology can do some amazing things. Recent years have seen the development of ever-cheaper and more powerful hardware, software that harnesses the hardware to open new vistas for computer users, as well as advancements in cryptography and other sciences. It’s tempting to believe that technology can deliver a risk-free world, if we just work hard enough. However, this is simply not realistic.
Perfect security requires a level of perfection that simply doesn’t exist, and in fact isn’t likely to ever exist. This is true for software as well as virtually all fields of human interest. Software development is an imperfect science, and all software has bugs. Some of them can be exploited to cause security breaches. That’s just a fact of life. But even if software could be made perfect, it wouldn’t solve the problem entirely. Most attacks involve, to one degree or another, some manipulation of human nature—this is usually referred to as social engineering. Raise the cost and difficulty of attacking security technology, and bad guys will respond by shifting their focus away from the technology and toward the human being at the console. It’s vital that you understand your role in maintaining solid security, or you could become the chink in your own systems’ armor.
The solution is to recognize two essential points. First, security consists of both technology and policy—that is, it’s the combination of the technology and how it’s used that ultimately determines how secure your systems are. Second, security is journey, not a destination—it isn’t a problem that can be “solved” once and for all; it’s a constant series of moves and countermoves between the good guys and the bad guys. The key is to ensure that you have good security awareness and exercise sound judgment.
For more information see www.westecservices.net
Tags: computer security, hackers, security, technology
July 12, 2010 at 6:33 pm |
I believe it’s possible to achieve a 100% secure computer, but not with today’s technology and security paradigms. Computers weren’t engineered to be secure against hackers – they were engineered to be secure against honest people. Everything needs to be re-engineered from scratch to be inherently secure.
It’s possible to address the human factor as well, but that requires a less open architecture, controls and a process – and we both know how much people hate controls and a process.
Computers will be secure one of these days, but it won’t happen until the people who develop the hardware and operating systems stop asking everyone else to do their job for them. They are the only ones that can make computing secure.