
Security Matters

Is more always better?

It seems that not a week goes by without another story of a major organization inadvertently leaking private data. In one recent week, representatives of a Rhode Island government agency reported that tens of thousands of credit card transactions on a government-run site had been stolen by Russian data thieves. In the same week, a private firm, Providence Home Services, announced that backup tapes of patient records - some 365,000 of them - had been stolen from an employee's car.

Horror stories like these leave executives dizzy with fear of the liability they could bear if sensitive customer data were to be exposed. Network administrators, too, feel the pressure to ensure that such breaches will not happen on their watch. But fear rarely leads to wise decisions and, in the case of security, management too often neglects to examine the security risk profile of their organization, opting instead for a security paranoia that can lead to the equivalent of a security lockdown.

A recent experience got me thinking about the hidden costs of security. A network administrator, rightly concerned about maintaining security within the company, instituted a series of policies that made the business of software development very difficult to carry out. Networks were locked down to specific MAC addresses, and outside source control repositories were portrayed as disasters waiting to happen. At one point, the idea of using Superglue to seal USB ports (to prevent unauthorized data removal) was seriously discussed.

It would be both easy and inaccurate to view this as the sole result of an overzealous network administrator. Worse, such a simplistic analysis that localizes blame prevents the organization from examining the security choices that are being made. If we are to make sane choices, we must first recognize that choices are being made.

It's often assumed that where security is concerned, more is always better. But is it? The discussion (if there is any discussion at all) over the amount, type, and degree of security needed is skewed by the lack of differentiation between the risk profiles that different organizations have. Certainly where such things as payroll, credit card, social security, or health data are concerned, the need for data security is paramount. But for software development houses, the real damage of losing source code or employee contact information is much, much less. The problem is that the same solution is often urged for both types of risk profiles. "More is better" only works if we fail to recognize the real cost of security.

Thought leaders in the security community often come from the type of environments described above where it would be hard to overstate the validity of security concerns. Security conferences, security whitepapers, security briefs all detail the possible ways security can be compromised and this mindset filters down to network administrators. We can't blame them for wanting to do their job well!

An appropriate security response is impossible without a clear understanding of the risk profile of the company. Unfortunately, talking about risks is often unpopular. One tool I've found to be very helpful in thinking clearly about risks is what I call the "postmortem game." It's played like this: imagine that at some point in the future, a catastrophe occurs. It could, for example, be the failure of a project, a large initiative, or even an entire company. If you've ever been involved in such a failure, you may have also been involved in the obligatory "postmortem" where concerned parties meet to try to understand why the failure occurred and to determine how to prevent its recurrence. At their worst, postmortems are exercises in affixing blame to certain individuals. But such "analysis" is a terrible mistake, for it deprives the organization of understanding the real nature of such failure.

W. Edwards Deming, the legendary management consultant often credited as the person who transformed Japanese products from the decidedly inferior perception they held in the 1960s to their present lofty status, had much to say about the nature of failure. Deming recognized that in a complex system such as a business, a significant failure is almost always a product of the system itself, not of individuals.

Quality (or the lack of it), he asserted, is built into the system. To illustrate this, audience members at his lectures were asked to come to the stage to participate in his "red bead game." Players were given special paddles that were used to draw small red and white beads from a large bowl. The paddles were designed to hold exactly 50 beads.

The players had no control over which beads fell into the cavities in the paddles. The ratio of red beads to white beads was fixed so that, over time, each draw of the paddle averaged 40 white beads and 10 red beads.

The goal given to the players was to draw as many white beads as possible. Players whose draws selected more white beads were praised while those whose draws selected too many red beads were criticized. White bead players were given promotions, made "Employee of the Month," given "bonuses," and even selected as management material, while their red bead counterparts were scheduled for special training, received bad reviews for their performance, and even risked firing. To inspire better performance, banners signaling that "Quality is Job # 1" were installed, but since the outcome of the draws was outside of the players' control, no amount of "management programs" could possibly affect the outcome. The "red bead game" was a powerful illustration that success or failure is determined by the system, not the individual.

But postmortems don't have to go down this dreary route. Instead, they can be used to find ways in which the system produces undesirable results. In the "postmortem game," failure is imagined - and players are asked why such failure occurred. They are, in effect, asked to uncover the most likely risks of failure. Given the imaginary nature of the failure, there are no individuals to blame. Instead, the players find themselves analyzing the viability of the system. The "postmortem game" can produce a remarkably clear risk profile and lead to discovering ways to improve the system so that failure remains imaginary.

What does this have to do with security? I recommend that you and your colleagues try the "postmortem game." What role does lack of security play in possible failure? If it plays a significant role, you will know that security ought to be a major concern. Often, though - especially with software development - other reasons come to the fore: lack of product acceptance, slowness to market, etc. Now, we can begin to examine the costs of excessive security.

What are those costs? Lack of productivity is one of the chief ones. Developers may find that the constant drag caused by excessive security undermines their best efforts. Implementing security that imposes draconian restrictions is like weighing down an athlete. Performance cannot help but suffer.

Worse, developers may lose their enthusiasm for producing great software. Working against constant friction imposed by security constraints can sap even the most energetic of developers.

There is another kind of friction - that which occurs between different departments. Developers will resent the network administrators who make their work so difficult, while network administrators will be upset that developers seem so heedless of the need for security. Infighting and conflict result. Relations are strained. But the real cause of these problems is the failure of management to (1) properly assess their company's risk profile and (2) communicate this throughout the company.

One of management's key tasks is mediating between competing interests such that decisions in the best overall interest of the company are made. The amount, type, and extent of security within an organization are issues too crucial to be left for any single department to decide upon. Where security is concerned, a naïve posture that "more is better" places the entire system at risk and may produce a result where the "postmortem game" is no longer an imaginary one.

More Stories By Hal Helms

Hal Helms is a well-known speaker/writer/strategist on software development issues. He holds training sessions on Java, ColdFusion, and software development processes. He authors a popular monthly newsletter series. For more information, contact him at hal (at) halhelms.com or see his website, www.halhelms.com.
