Thinking About Computer Security
There are many catchy phrases regarding security, and many of them are true,
but they won't do you any good at all if you don't do something about it.
If you take only one thing away from this page, let it be this:
Security is a process, not a destination.
If you aren't continually "doing security,"
then you aren't anywhere near as secure as you think you are.
What are You Protecting and Why?
Computers today are so cheap that it is always the case that
the data stored on them is worth more (often far more)
than the computer itself.
That means it is the data we are trying to protect.
Broadly speaking, data has value either to yourself and/or
to others.
For example, the QuickBooks data for your business might not be
of any particular value to someone else, but losing it could be
catastrophic for you.
On the other hand, exposing your credit card number to the wrong people
can have a very high dollar and/or hassle value associated with it.
Giving a value to data can be tricky, but one quick
way of doing it is to look at a folder (or database or file) and ask,
'If this was gone, what would I pay to get it back?', or
'What would I lose if someone else got this information?'
Honest answers can result in some alarming numbers.
(See our AB 700 page to see
just how expensive losing a laptop can be.)
Types of Security
Computer security comes in several flavors:
- Physical Security,
- Access Security, and
- Communications Security.
Each of them is important and each requires a different way of
looking at security.
This page is in progress. (No, really, it is. You can check the
date last modified at the bottom of the page.)
Physical Security
Simply put, can someone steal your computer?
If they can, then they will have all the time in the world to
find interesting information on it.
It also means you lose the use of your programs and the data they
manipulate.
Access Security
Can someone sit down at your computer and get access to something
you wanted to keep confidential?
Communications Security
| 