Enterprise Linux Today: Do you know if your data is safe?Oct 04, 2000, 08:06 (2 Talkback[s])
(Other stories by Brian Robison)
"One of the fundamental questions that every organization is presented with on a day-to-day basis is, "Is my data safe?" It's a really good question because the consequences of not knowing can be detrimental to your company. I hate the term, but the e-Commerce community is built on the integrity of its data, yet very few companies employ technologies that can directly answer the question."
"Most companies feel that they get "security" by putting a firewall in front of their web and mail servers. This really provides a false sense of security. "I closed the door to the house, therefore I have "security." We need to begin thinking of security as a process rather than an event. We will never have 100% security, so what do we do?"
"First of all we need to flop the entire security "model" upside down. I do agree that you should have a firewall in place. This keeps most of the "script kiddies" out, and can help protect your systems from some Denial of Service attacks. There is one major limitation of a firewall; it won't tell you if someone got through. So why not start with what you are trying to protect in the first place, the data. One of my favorite phrases is: "If you're trying to protect bad data, you're wasting your time." We should start with protecting the data and the systems where that data lives. This is called data integrity. Data integrity is a technology that will answer the question, "Is my data safe?"