Letter from the Editor: November 2014

By: Tim Young

“There is no such thing as perfect security. Only varying levels of insecurity.”
-Salman Rushdie

A few summers ago, I had a brief fling with a great example of escapist television. I’m usually drawn to shows like Mad Men or Boardwalk Empire or The Wire. They require a fair bit of attention and are packed with details that the casual viewer might miss. If you skip an episode, you’re lost.

The same cannot be said for my summertime distraction, Burn Notice. If you haven’t had the pleasure, it’s a fun-to-watch bit of brain-candy that has a wider plot, but is mostly about an outcast CIA agent helping clients in a style that is equal parts A-Team and Remington Steele.

The show’s signature is a series of “real world” tips on how to survive firefights, pick locks, and so on. One tip that emerges several times is that people are very careful about securing doors. They are often reinforced, monitored, and adorned with as many locks as possible. Adjacent walls, however, are often far easier to breach. Interior walls are little more than drywall and paint, and a properly motivated intruder can often cut right through with little more than a pair of scissors and a little time. The opaque plaster and hidden seams only give the illusion of security.

Network security isn't much different. There’s so much to guard and limited resources available to facilitate that security. Weak points may not emerge until after a breach has occurred. You’re so busy watching the door that you don’t notice the gaping hole in the wall.

However, the absence of perfect security does not mean the absence of any security. In this issue of Pipeline, we explore a variety of threats to your network and useful suggestions for mitigating those threats.

We outline some archetypal hackers and their targets, discuss security operations centers, and examine how service providers can safeguard their most widely distributed assets: end user devices. We talk about how to avoid becoming a target and what additional risks, if any, are posed by increased virtualization. We also address customer privacy, DoS attacks, and whitebox security.

No, your security will never be perfect, but that’s no reason to leave your doors… or walls… wide open.


Tim Young


Latest Updates

Subscribe to our YouTube Channel