Security Basics Part1 – Fie, Fi, Fo, FUD
Security Basics Part1 – Fie, Fi, Fo, FUD
The biggest and best first step toward having the correct IT security for your business is often improving how you use what you already have.
In 1975, Gene Amdahl explained “FUD” in the technology industry this way:
FUD is the Fear, Uncertainty, and Doubt that IBM sales people instil in the minds of potential customers who might be considering Amdahl products.
That strategy has served the IT industry well in many areas. Many customers are still presented with proposals that focus on the negatives of not accepting what is being offered.
Modern IT security vendors may be amongst the biggest offenders. Many will emphasize the big, scary and vague consequences that their new, sophisticated and expensive systems prevent. While they are not lying, they rarely mention or ask if you have established a healthy foundation on which to add their new security component. Yes, FUD is a big part of their pitch.
The truth is that a lot of the “attacks” discussed hotly by security experts (certified and self-proclaimed) are not as relevant as the volume of discussion makes them sound.
For example, in mid-2017, WannaCry ransomware crippled the UK National Health Service (NHS) and infected hundreds of other businesses around the world. With its high visibility in the media, Anti-Ransomware was added to the list of must-have features and/or products that every business should have. The media stories barely mentioned that only systems that were not patched and up to date were vulnerable to this attack.
Suddenly vendors sprang into action to create anti-ransomware products and/or to add anti-ransomware features to their existing anti-bad-guy products. After all, there was no money to be made reminding customers that:
- Patching systems on a regular basis is important for security
- All your systems need to be patched
- Patch coverage needs to be monitored and maintained as computers are added, used and retired.
- Patching doesn’t just improve security; it typically increases performance and reliability too.
By the way… is your patching process reliably protecting and improving your organisation as much as it can? <-see, FUD ?
If you want to improve your security or a vendor is trying to sell you on adding a new product for security reasons, it’s a wise time to check that the basics are (still) covered. When you get the basics right, any imperfection at one of your vulnerable points has much less impact.
Before giving any security advice, Kirbi Solutions investigates your current situation because we know from experience that easily implemented security fundamentals are often overlooked. When they are, even a small hole in your defences can wreak much more destruction if your processes, people, devices and data haven’t had the right foundations established.
The good news is that a lot of the basics we see overlooked on a regular basis are easily resolved. IT Security always has another level of improvement available for more cost. Once you have the basics covered and your existing security components properly configured, only then is it time to consider whether the next level of security is right for you.
Call Kirbi Solutions on 07 3635 7345 to talk about your security needs, we won’t feed you FUD.
Recent Comments