NetMan/Security vendor, and now part of the Thoma Bravo empire (watch out China!) SolarWinds, AKA SW, has sent us a timely reminder that this leap year has resulted in Feb having an extra Monday – AKA today – so what to do with it and improve the life of an IT pro at the same time?
Apparently the answer is NOT to go down the pub. How times have changed -) Well, Leon Adato, SW “Head Geek”, doesn’t actually say not to go down the pub, simply that the extra Monday should be used for educating employees on cyber-security and how to take care of their IT equipment, so that doesn’t exclude a pub session I guess? For those who think this is all passé, simply walk through a train and see how many people leave their laptop/smartphone unattended and open while going for a coffee or to the loo.
Adato also talks about poor network configuration still being a problem. This is something that was emphasised in a meeting last week with John Rakowski of AppDynamics, along with the importance of automating configuration management and performance management – more on this tomorrow…
Going back to SW’s Adato, he makes the point – one that is wholly relevant to the “open laptop on train” scenario – that “the best way to mitigate the risk of human error is to make staff aware of the impact their actions can have and put security at the heart of their responsibilities” – true, but another one is also to ensure compliance with all security elements, PCI and otherwise, something I’ve been speaking with the guys at NewNetTechnologies about.
So it seems, as Spring of 2016 is close to arriving, that the education aspects of IT security are as relevant (and lacking) as ever. At the same time, with vendors trying to disrupt the market – cloud vs endpoint anybody? – the IT/security admin manager is understandably in an increasing state of confusion – something I spoke of in depth in a recent meeting with Sophos’s Chet Wisniewski, highlighted in a recent blog.
SW’s Adato is therefore largely hitting the right notes in his extra-curricular Monday security advice column. However, it’s just something towards the end of the missive that makes me think maybe he has been down the pub after all -)
He talks, rightly, about how often the excuse for having a weak password is because a user can’t remember a “difficult” one. So here’s his suggestion to avoid the mixed-case (not wine) and numerals nightmare we are often confronted with – and that is, in his words: “to set a fun challenge of coming up with four random words and joining them up, and creating an image in your head to remember them all. For example, take these completely unrelated words ‘flag, castle, dog and pizza.’ On the surface these are four completely random words which would be difficult to remember but if you painted a picture in your mind of a dog eating a pizza in a castle with a flag, it will be much easier to remember.”
Now we’ve all seen that one on Bognor beach haven’t we… Sounds like one hell of a good drinking game though -)