Tuesday, May 8, 2007

The Plastic Swimming Pool Theory of Security

This is one of my theories of Security and why it is such a battle.

I'm not sure if I made it up or heard it somewhere, but I stand by it.

"When one person pisses in a swimming pool it affects everyone"

This is why patching is so important, yet so often ignored. When a PC on the Internet is compromised by a worm, the person running the PC may be affected a bit: their link may slow down slightly. But when 100,000 such PCs are used in a botnet to attack companies, it is the companies that are affected, not the person who owns the PC.

It is the same with TJX etc.: personal information stolen from their databases leads to identity theft and hence fraudulent purchases at many different stores. Everyone is affected.

So, just don't piss in the pool, please. And patch!

