RE: Security vs. Simplicity




The key to achieve both "tenets" is always careful planning in network design and VERY careful documentation while operating it.
If you want to give maximum security to a network you can't afford to be sloopy. Fourthermore you should think twice about introducing a security feature of wich you are not perfectly aware what it is doing. Wrongly implementationslimit the services your network is offering - and thus reducing the very purpose of it - and achieve the same effect as an successful attack.
The main goal of any network is safety and reliabillity of the data it contains and ,of course, maximum uptime.
Of course, as it serves both simplicity and security reduce not needed devices, services, vlans, switches,....... everything needlessly.
So the bottom line is: get your security to the possible max, but only in small, well documented steps and skip everthing (not only related to security) unnecessary!


------------------------------------------------
MarSt is a websciencemaniac stefan.marksteiner@xxxxxxxxxxxxxxxxx
http://tugll.tugraz.at/49446/weblog/8082.html


-----Original Message-----
Hello list,



In a design process of a critical infrastructure system there is always a
tension between two tenets:

The "simplicity tenet" - keep it simple as much as possible.

And

The "security tenet" - make it secure as much as possible.

I am perfectly aware of all risk evaluation and assessment, TCO calculations
etc, that suppose to

help us all to reach a decision about "how much security" and "how much
simplicity".

But, we all know that gathering all relevant information and getting overall
agreement

about them and about the calculations of the risk\tco calculations is not
"optimal" to say the least.

I am also aware to the statement : "simple design is also a secured design".

But, we all know that in real life the security folks wants to add "just
this extra layer (for security in depth)

And\or "just this vlan (for yet another communication separation)" etc.

Don't get me wrong, I do understand that it's a valid concern,
I just say that it's not always will be in line with the "simple" design
tenet.



Now, let's say that after all the technical discussions the two inflamed
opponents are in front of us
(kind of real life situation.).



I would like to ask your opinion in the following way:

Let say that you are the manager who have to say one statement (kind of a
bottom line):
"Design that system according to the simplicity principal"
or

"Design that system according to the security principal"

I would humbly ask for an answer in a "managerial style":
first : what will be that bottom line.
second: (kind of appendix.) any explanation that you wish to add.



Than you all for your kind attention,

Avi



------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff!

http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html
------------------------------------------------------------------------