About 21 years ago, Mr. Bill Burr wrote information security guidelines for the U.S. National Institute of Standards and Technology (NIST), and is responsible for the most obnoxious advice ever given about passwords. It's the one about how your password must be 15 characters long, include uppercase, lowercase, numbers, symbols, hieroglyphics, and a blood sample, and must be changed every 60 days.
He has since apologized for writing a standard for passwords that no one can remember, and that causes people to write down their passwords, which defeats the purpose of complicated passwords in the first place.
There's an excellent article about it here: https://www.cbc.ca/radio/asithappens/as-it-happens-wednesday-edition-1.4240252/man-who-made-passwords-hard-to-remember-regrets-rules-that-drive-people-crazy-1.4240255
This is the last blog posting for this class I'm taking (BSIT200), but no worries. I'm sure the next class I take will require blogging as well.
“A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools.”
-- Douglas Adams, “Mostly Harmless”
One of the things that bothers me the most where I work are people that won't document what they do in fear that their employer will keep their documentation and replace them with a lower cost employee. These people don't realize that having or not having documentation will in no way stop their employer from firing them with no reason given.
Back in the day when I worked at Dell, accountants decided that Dell needed to reduce their workforce by 10%. At the time, that meant that 8000 people needed to be laid off. So to make it "not personal" they decided to select a specific pay grade, and then lay off everyone in that pay grade. It had nothing to do with work performance. I saw people (myself included) that produced millions in revenue for Dell, lose their jobs.
So if documentation (or the lack thereof) doesn't contribute to job security, what does it do?
Documentation ensures that processes are efficient, consistent, and scalable. Documentation ensures critical business processes survive the loss of personnel or resources.
Documentation ensures that you can go on vacation, and that the person that has to do your job while you are away, does not develop a personal dislike for you. It also keeps your phone from ringing on your time off. Most importantly, unless you have a photographic memory, documentation helps you keep knowledge organized and available when you need it.
Make the time to document your business processes. You will be glad you did.
I can understand why in some situations we might need a "hard copy" of a document. But in my line of work, I see people print a lot of things that don't need to be printed. I generally tend to print things to a PDF file and then read them on my laptop or tablet. Where I see the biggest part of the problem is when business have to print documents that require "original signatures" to make them valid. I consider this to be a failure of the encryption and authentication methods used today by IT.
If we had a secure and easy to use method of identifying ourselves via a cryptographic token, and the method was legally accepted by the US Government and business, I'm sure the pile of paper I had to deal with the last time I bought a house would be reduced drastically. We do have methods for signing a PDF file with a cryptographic token, but I don't think the legal system has caught up with it yet. Also the technology is not as wide-spread as it should be.
The most important reason for configuring network segmentation is improving network security. Network segmentation involves dividing a computer network into smaller more manageable parts. This helps limit any damage if there's a security breach and can help prevent unauthorized access to important data or systems. Segmentation can also help to contain security problems by stopping threats from spreading.
Firewalls can be used to monitor and control incoming and outgoing network traffic based on predetermined security rules, to regulate the flow of data between different segments, and to enforce security policies at the boundary of each segment.
Intrusion Detection and Prevention Systems (IDPS) can be deployed to monitor network traffic, detect potential security threats or violations, and take proactive measures to prevent security breaches.
Implementing antivirus, anti-malware, and encryption solutions helps to safeguard data and communications within each network segment.
Knowledge of cybersecurity principles, best practices, relevant industry regulations, compliance standards, and emerging threats is important for identifying potential vulnerabilities and security measures to protect against cyber-attacks.
Proficiency in IT infrastructure management, including hardware, software, and network administration, is necessary for deploying and maintaining the software and hardware components required for network segmentation.
Having skilled professionals with expertise in these areas will contribute to the successful implementation and management of network segmentation, ensuring that the network remains secure, resilient, and capable of supporting the organization’s operational requirements.
However, my reason for liking iOS is simple. After a long day of
supporting Linux servers and end-users, and dealing with other people's
IT problems, the last thing I want to do is come home to IT problems. I have plenty to do at work. Bringing IT stress home is counter-productive.
I
have an iPhone and an iPad, and I've never had a problem with
any of these devices. The way they are designed allows me to perform
the tasks that I want to perform without any issues, and without me
having to fix, side-load, tweak, configure, or otherwise mess with,
iOS in any way. I use Apple's Apps, and they just work. If I want
to self-induce an IT headache, I have a Windows 11 Laptop for that. If I
want to see a computer that just works, I have a Linux PC and Linux
servers for that. I'd rather leave all the IT stress at work where it
belongs.
I tried Android once a few years ago and I did not like
it. It made me work, by having to spend time configuring things and
making them work. Also, the applications just didn't look as good as their iOS counterparts, nor did they seem as intuitive to use. I was using a Samsung Galaxy S10 (when it was new) and as an end-user, I just wasn't impressed. Someone suggested that I wanted to look into
side-loading some apps and hacking something.
No. Just, no.
