Is the term ‘Internet Security’ a myth? I’m there (from a practical sense). How many times in the last six months have you heard “…the accessed information included first and last names, email addresses, account passwords…”? I know you can make it more difficult to gain unauthorized access, but the landslide of publicized hacker successes in the very recent past indicates, the term ‘Secure Server’ should be looked at like the term ‘Low Fat’… ie a term coined from the marketing execs as the tech was in it’s infancy and not a term a seasoned IT Exec would have coined.
The fact is some information systems CAN’T BE tied to the net for security reasons. Some have to be but need constant vigilance. I personally think some of these systems should have a proverbial ‘quick disconnect’ that would deliberately sacrifice constant service to security (then specific rule defined anomalies would shut a server’s connection off physically). Until biometrics is the accepted standard for authentication to computers in general, and multiple biometric ID is required for really important servers, the quick disconnect method seems to be the safest course to take. It would save MILLIONS of dollars to companies that are responsible for customer privacy information (just a small breach of certain information costs millions).
But what about those servers that are cream targets for state or terrorist cyber-warriors. Those are the ones we should really be afraid of being breached. The fact is these servers are breached and with much more regularly than we (the general population) are ever privy to…
Got comments? Lay them on me.