Comments on: Security Views Case Study #4 – Blissfully Aiding and Abetting Hackers http://securityviews.com/blog/2007/07/25/case-study-owned-database-servers/ Actionable security ideas for managers. Fri, 05 Dec 2008 16:31:10 +0000 http://wordpress.org/?v=2.0.2 by: Scott http://securityviews.com/blog/2007/07/25/case-study-owned-database-servers/#comment-2367 Sat, 25 Aug 2007 21:16:57 +0000 http://securityviews.com/blog/2007/07/25/case-study-owned-database-servers/#comment-2367 @mroonie Thanks for the link. Bruce's essay is right on, from my point of view. In fact, barring the invention of the mythical "Magic Crypto Fairy Dust", I think more organizations will have to do just what Bruce says. Form a number of distinct networks for different types of information. They would have strictly limited, or no access, for interaction between them. @mroonie

Thanks for the link. Bruce’s essay is right on, from my point of view. In fact, barring the invention of the mythical “Magic Crypto Fairy Dust”, I think more organizations will have to do just what Bruce says. Form a number of distinct networks for different types of information. They would have strictly limited, or no access, for interaction between them.

]]> by: mroonie http://securityviews.com/blog/2007/07/25/case-study-owned-database-servers/#comment-1982 Thu, 16 Aug 2007 17:24:53 +0000 http://securityviews.com/blog/2007/07/25/case-study-owned-database-servers/#comment-1982 I think a lot of it also has to do with the fact that this breach occurred at a university. According to Jonathan Penn from Forrester Research, universities tend to use many different services for information management. Security solutions are also different for every department. It's especially difficult to try to come up with one solution that works for all departments within a university. Bruce Schnier has an <a href="http://www.schneier.com/essay-149.html" rel="nofollow">essay</a> about it on his blog that touches on that touches on the challenges that universities have to face when it comes to information security. Definitely a worthwhile read. I think a lot of it also has to do with the fact that this breach occurred at a university. According to Jonathan Penn from Forrester Research, universities tend to use many different services for information management. Security solutions are also different for every department. It’s especially difficult to try to come up with one solution that works for all departments within a university.

Bruce Schnier has an essay about it on his blog that touches on that touches on the challenges that universities have to face when it comes to information security. Definitely a worthwhile read.

]]>