Myth of Fully Secure

There is a widespread misconception about computer security. One sometimes encounters phrases such as "completely secure" or "fully secure". There is no such thing as a completely secure computer. If there were, it would be completely useless.

An example of a completely secure computer might be one that is sealed in a thick metal container with no access openings of any kind mounted on solid metal girders embedded in a concrete slab. It's battery operated and no human has access to it and it's not connected in any way to any other computer or network. The container is guarded 24 hours a day by a team of armed guards, the composition of which is frequently changed, with strict instructions that no one is to approach the container. This is as secure as I can imagine and is totally useless.

As soon as a human being has access to a computer you have a security exposure because humans have weaknesses that may be exploited by those who want unauthorized access to a computer or the information in it. As soon as a computer is connected to a network the potential exposures increase dramatically because everyone with access to that network is a potential threat. By it's very definition, a public web site is connected to the world's largest computer network, the Internet.

It is often precisely the exposure that puts a computer or network at risk that also makes the computer valuable in the first place. It's impossible to have a public web server without risks. You have no chance of having realistic security until you forget absolutes and understand that all computer security is a matter of trade-offs and compromises.

The most basic trade-offs are typically between security, money and convenience. More security usually costs more to achieve, starting with the hiring of qualified professionals, and often results in less convenience and more administration.

In some respects security is like insurance; funds are spent to prevent much larger loses in the future. Insurance reimburses you for loses that have occured; security attempts to prevent harmful events from happening and to detect those that cannot be prevented so that the effects may be minimized. Since good security may succeed in preventing the occurrences that it is designed to prevent, you may never see tangible benefits of security. The effects of good security will be most visible when an occurrence that could have been a major disaster is held to a minor incident.

Good security must avoid being so burdensome that your own staff try to circumvent it; if your own staff does not support your security efforts, no policies or technology will accomplish your security goals. Security includes user training so that your staff understands your security goals.

Top of Page - Site Map

Copyright © 2000 - 2014 by George Shaffer. This material may be distributed only subject to the terms and conditions set forth in http://GeodSoft.com/terms.htm (or http://GeodSoft.com/cgi-bin/terms.pl). These terms are subject to change. Distribution is subject to the current terms, or at the choice of the distributor, those in an earlier, digitally signed electronic copy of http://GeodSoft.com/terms.htm (or cgi-bin/terms.pl) from the time of the distribution. Distribution of substantively modified versions of GeodSoft content is prohibited without the explicit written permission of George Shaffer. Distribution of the work or derivatives of the work, in whole or in part, for commercial purposes is prohibited unless prior written permission is obtained from George Shaffer. Distribution in accordance with these terms, for unrestricted and uncompensated public access, non profit, or internal company use is allowed.