ahead nero uk 3D Home Architect Design Suite Deluxe 8 adobe photoshop elements 2.0 serian number adobe creative suite premium upgrade mac Abbyy FineReader 9.0 Professional adobe art clip illustrator adobe photoshop elements 4.0 keygen ACDSee Photo Editor 2008 adobe photoshop with jpeg 2000 plug-in adobe illustrator cs keycode ACDSee Pro 2 adobe illustrator trial expired adobe illustrator cs tips Acronis Disk Director Suite 10 ssg adobe acrobat 8 upgrade adobe 5.5 photoshop 5.5 Acronis True Image 11 Home adobe photoshop elements digital photography review adobe photoshop tools and uses Adobe Acrobat 9 Pro Extended adobe photoshop online help open source adobe illustrator Adobe After Effects CS3 Professional keygen adobe premiere pro cs3 putting video in adobe acrobat Adobe After Effects CS4 MAC adobe creative suite 3 serial adobe acrobat standard free trial Adobe After Effects CS4 adobe photoshop support adobe acrobat 7.0 activation error codes Adobe Captivate 3 adobe photoshop premiere buy adobe creative suite 2 Adobe Contribute CS4 adobe acrobat pdf adobe acrobat newsletter enjoy pdf Adobe Creative Suite 3 Design Premium converting adobe flash to avi adobe acrobat blank page error Adobe Creative Suite 3 Master Collection re adobe illustrator remove white background adobe photoshop elements 2.0 troubleshooting Adobe Creative Suite 4 Design Premium adobe acrobat v7.0 full download adobe acrobat reader palm pilot Adobe Creative Suite 4 Master Collection MAC adobe after effects 6.5 keygen free adobe photoshop trial Adobe Creative Suite 4 Master Collection adobe illustrator sdk adobe photoshop sepia Adobe Creative Suite 4 Web Premium adobe photoshop elelments adobe dreamweaver cs3 crakz Adobe Dreamweaver CS3 adobe acrobat most recent version adobe photoshop cs2 serial crack Adobe Dreamweaver CS4 MAC image editing using adobe photoshop adobe illustrator tutorials blend Adobe Dreamweaver CS4 adobe illustrator patterns adobe acrobat 6 standard Adobe Fireworks CS4 ahead nero 7 ultra edition adobe photoshop latest pc Adobe Flash CS3 Professional adobe creative suite activation code adobe photoshop cs3 maximum memory Adobe Flash CS4 Professional adobe acrobat uninstaller download adobe acrobat 8 trial Adobe Flash CS4 Professional MAC 5.0 acrobat adobe mac acrobat adobe reader 7 Adobe Illustrator CS4 MAC adobe acrobat professional create postscript file fonts for adobe photoshop Adobe Illustrator CS4 adobe illustrator 9.0 serial numbers adobe acrobat 7.0 multi user license Adobe InDesign CS3 preview adobe acrobat ms access free adobe acrobat program Adobe InDesign CS4 adobe illustrator cs3 crop marks adobe after effects 6.0 professional crack Adobe Photoshop CS3 Extended adobe photoshop 7.0 upgrades

Posts Comments

Doing The “Right” Thing

Posted by jknape on December 5, 2008 · Leave a Comment Print This Post

By Joe Knape

The focus of The Security Catalyst is “Changing the way people protect information.”

Despite the deep respect I have for Michael, I’m skeptical that can be done. Before we can change the way people are protecting information we have to get them to protect it in the first place.

My experience of the last 15 years or so has caused me to come to the conclusion that people don’t want to protect the information they are responsible for. Sure, one hears a lot of talk about frameworks and strategies and processes and I see and have helped to implement some clever, and some not so clever, technologies and point solutions, but it is rare indeed that I have seen individual information security professionals, much less entire groups or organizations, proceed like they actually want to protect the information.

We all know what we should be doing to protect the “important” information. We don’t do it because it might be hard or it might take a lot of time or money or resources (debatable but I’m thinking like an accountant) or it might upset someone else in the company. What I’m saying is, the “right thing” may not be easy, but it is always the right thing. You want to protect your information? You want to protect my information, or my mom’s, or my brother’s or whoever else’s? Because, honestly, the information you’re responsible for isn’t really yours, it is your customers’ and your customers’ are your friends, your neighbors, maybe even your family. Maybe by putting a face on the information you will be motivated to do the “right thing” no matter how hard you think it is or how much pressure you might get from the powers that be.

So what is this right thing? Simple:

Identify what is considered “important” information to your company. Is it customer data, sales leads, intellectual property, etc.?,
Find ALL of your “important” information. Search every laptop, desktop, server, and database,
If the data doesn’t absolutely need to be where you found it, scrub it; if it does need to be there figure out a way to keep it safe and do it; encrypt it, anonymize it, put it in one or two central locations to be accessed “online” only, I don’t care.

Again, none of the above is “rocket science” and some of it may be extremely difficult, but it is RIGHT. So I ask you, for my sake, and the sake of my mom and dad, my brothers, and my friends, stop doing the easy thing and start doing “the right thing”.

Note from Michael Santarcangelo: for a complete answer to this challenge and more insights on how to successfully address this change, please read Into the Breach.

Filed under Blog, Security Catalyst Contributors · Tagged with

About jknape

Comments are closed.

The Security Catalyst

Doing The “Right” Thing

Engage with Michael

Recent Posts

Journey Into the Breach

Archives