[Previous] [Next] - [Index] [Thread Index] - [Previous in Thread] [Next in Thread]

Subject: Re: UKNM: Onffsite Applications - Security and trust
From: Chris Heathcote
Date: Fri, 30 Jul 1999 16:54:22 +0100

(off-topic, but hey)

At 9:49 am +0100 on 29/7/99, Chetan Damani wrote:

>How can we convince people to move there applications offsite. security and
>trust wise..?

This is what I'd look for (off the top of my head):

Physical access:
24/7 security, passcard, PIN number *and* pref. biometric security
(Globix have fingerprint readers), constant video monitoring of racks
and access to racks.

Virtual access:
Good trusted (independently tested?) firewall
Authentication to server better than plaintext passwords (ie. SSL +
maybe digital IDs)
Box locked up sufficiently for most hackers (ie. no telnet access,
shell accounts use different passwords to mail/FTP/whatever, strong
password policy (and much more))

No unencrypted data *ever* kept on the server
proper regimented testing of software for security flaws/backdoors

As for convincing them that you yourself are not hooky, references,
past clients etc. all help.

There are Government security classifications (eg. US C2 level), but
I think you'll find getting your systems tested will be prohibitively

NDAs strike me as security through obscurity, and therefore no security at all.

If you want lots of techies on the case, I'd recommend the squack list
http://www.pineal.com/ , but be prepared for long arguments about
your choice of OS :)

"I am not a geek, I am a Renaissance nerd"
http://www.head-newmedia.com http://www.head-space.org
UKNM is sponsored by Excite UK, visit us at http://www.excite.co.uk.
Email Khalil Ibrahimi khalilatexcitecorp [dot] com (mailto:khalilatexcitecorp [dot] com) to advertise on Excite.
Change your UKNM subscription use http://www.chinwag.com/uknm.html

  UKNM: Onffsite Applications - Security a, Chetan Damani

[Previous] [Next] - [Index] [Thread Index] - [Next in Thread] [Previous in Thread]