Do you actually understand computer security or just the analogies?
Today, in corporate boardrooms across the world, computer security experts will try to explain computer security in layman’s terms to people who are not very savvy about such matters. The experts will typically use physical security analogies along these lines:
- Firewalls are like guards that check the identification of each network packet that traverses the virtual front gate.
- Network Intrusion Detection Systems (NIDS) and anti-malware software are like TSA personnel at an airport, looking for dangerous items and suspicious behavior.
- Security permissions are like locks that control physical access.
This sounds about right, doesn’t it?
In the physical security world, locks, fences, guards and roaming patrols equate to a real sense of security. Unfortunately, computer security analogies along these lines are an oversimplification that can lead people into believing that basic computer security measures (firewall, NIDS, anti-malware software and permissions) actually prevent hackers from breaking into systems.
Here are modified analogies that are a bit more accurate:
- Firewalls make sure that everyone entering a facility or area is wearing a shirt and footwear. As long as a person meets these criteria, the person can enter the facility or area.
- NIDS and anti-malware are looking for people dressed in black, wearing a ski mask and carrying a crowbar, bolt cutter or blow torch. Everyone who doesn’t fit this description is allowed to pass.
- Security permissions (locks) keep honest people honest. Criminals bring tools to bypass the locks.
While this is a more accurate reflection of what is actually happening at a technical level, it really doesn’t leave anyone feeling very secure. Now consider the following:
- Thieves need physical access to break into a facility or area. Hackers can break into their target from thousands of miles away.
- Thieves can wear a disguise and carry fake credentials to look like they belong in a facility or area. Hackers look like they belong because they are using real (stolen) credentials.
- Thieves need to break or pick locks. Hackers can walk through walls (buffer overflow). Both thieves and hackers can bypass locks with stolen keys.
- Some thieves are trusted insiders who use their authorized access to steal information or facilitate unauthorized access for others.
With the addition of the differences between real world thieves and hackers, and trusted insiders, computer security doesn’t look all that effective – and the truth of the matter is, it’s not.
When computer security experts use analogies, their analogies are often geared toward convincing organizations to invest money, time and effort into hardware, software, personnel and training to protect their assets and information. While organizations do need to invest in computer security, they need to realize that computer security measures only provide protection against certain types of hackers that don’t know how to bypass basic security measures.
Find all of this fascinating? Want to learn the hidden truths behind computer security and hacking? Read my book!