Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: Security Strategy Buildung Blocks
2 points by lixtra on Nov 13, 2019 | hide | past | favorite | 2 comments
An IT security strategy aims to ensure confidentiality, integrity, and availability of IT systems and information. This has to be traded off against economic and practical realities. What building blocks do you consider for a security strategy?

Examples are

- Deep defense. Consider everything hostile. No unencrypted traffic over the network. Spectre attacks matter a lot because you cannot trust other users on the host.

- Tough on the outside, soft on the inside (also M&M security). Try hard to keep bad guys of your intranet but trust your internal users. Spectre attacks don't matter because you trust the other users on the host.



Log, monitor and punish. If data has to be readily available but should only be used for intended purposes.

I.e. in a hospital medical data has to be immeadiatly available to all medical staff to react quickly. However, if medial data leaks (i.e. about a celebrity or in large scale) the bad guy can be caught by looking at the access logs to the data.


Data avoidance. Data that is not collected does not have to be protected and is automatically confidential.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: