Wednesday, August 30, 2017
INFOSEC Learning Log - 6
These past couple of weeks we talked about Infrastructure security. Related to this we were made to report our take on how to increase or suggest security features for our building. This would've been hard if we were to address multiple and specific threats while still managing resources to keep it cheap. But here's that catch; "THERE'S NO BUDGET". That's right people, we get to improve a building's security without regards to budget. At first we started throwing out simple ideas like extra cctv's, alarm triggered doors connected to the security, you know, the simple stuff. Then we just went over the top. We had EMP hardening for any electronics; preventing any form of power surge from harming it. A positive pressure system in the elevator; so that any form of chemical hazards that would occur it would always leek outwards and not inwards -which was originally planned for in case someone farted inside-. For those that aren't well informed these are some of the security measures applied in modern tanks. Then we came to the conclusion; Why not just build a bunker? this is what happens when you remove budget limits. But, in my defense though, this was still practical and realistic.
Friday, August 11, 2017
INFOSEC learning log - 5
Cryptography - the art of writing or solving codes.
So apparently not only did we talk about the security, weakness and exploitable points of a network we now learned how to secure it ourselves. Creating your own secret codes is fine and all but, there's a flaw to it. Which would be the stronger security program? One created and used privately or one created and released for public used? It's the one used for public used of course. Sure you made your own security system and so far you haven't been breached but that's only because you were either not worth it or no one has tried yet. A public program on the other hand, anything being used by everyone is always worth being exploited. The fact that it hasn't been breached just show's it's security level.
I'm not discouraging you to try and create your own secret codes. But, there are risks that should be known first before fully trusting the security you've created.
So apparently not only did we talk about the security, weakness and exploitable points of a network we now learned how to secure it ourselves. Creating your own secret codes is fine and all but, there's a flaw to it. Which would be the stronger security program? One created and used privately or one created and released for public used? It's the one used for public used of course. Sure you made your own security system and so far you haven't been breached but that's only because you were either not worth it or no one has tried yet. A public program on the other hand, anything being used by everyone is always worth being exploited. The fact that it hasn't been breached just show's it's security level.
I'm not discouraging you to try and create your own secret codes. But, there are risks that should be known first before fully trusting the security you've created.
Subscribe to:
Posts (Atom)