[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    RE: [ISN] Security experts question DOD cybersecurity
From:       InfoSec News <isn () c4i ! org>
Date:       2003-07-28 10:34:30
[Download RAW message or body]

Forwarded from: "Everist, Benjamin S. (NASWI)" <EveristB@naswi.navy.mil>

ISN wrote:

" "The advantage of a homogeneous environment, or more of a
mono-culture, is it's much easier to manage. You train your people in
a particular system, and they manage that system, they know all the
security settings, you run tools to make sure they lock it down." "

--kind of like McDonalds "trains" their hamburger techs to flip
burgers, and the pickle techs to administer pickle usage.  Can this
kind of factory-line mentality really work for IT?

Taking the analogy further, suppose we say McDonalds represents the
ideal in homogenous environments and streamlined processes. What else
can we inherit from this model?  Rapid turnovers, poorly educated,
under paid and over stressed employees, and indifferent service?

A real security win, there.  But what I like least about the
homogenous environment is its failure to realize the value of a
diversity of tools for a diversity of tasks.  If all of my people are
trained in only one tool, what happens when my needs change?

/R,

Benjamin Everist



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@attrition.org with 'unsubscribe isn'
in the BODY of the mail.
[prev in list] [next in list] [prev in thread] [next in thread]