Growing up in Revere, Mass., taught me some very simple lessons about information security.

Note: When people hear the name Revere, they think of these things: Paul Revere’s ride, guns, the IROC-Z automobile, lots of gold chains and language that doesn’t include the letter r at the end of a word.

Information security? You probably think I’ve lost what little sanity I had.

But I’m serious.

Revere incident 1: Me and two friends are followed a quarter-mile up the beach and pounced upon because I apparently said something someone mistook as an insult against his girlfriend. I escape unharmed because I’m a fast walker. The other guys get battered.

Lesson: If you insult someone’s favorite operating system or device — Apple or Linux, for example — prepare to hear from them in force. Especially if you suggest their tech is weaker from a security perspective. But if you’re faster than they are, all will be well.

Revere incident 2: I’m walking the beach at night, past rows of parked cars. The owners of those cars stand in front of the vehicles and look tough. I give one of them an insulting snare and he confronts me with “You got a problem?”

Lesson: If someone walks up and asks “You mad, bro?” — run.

Revere incident 3: Not exactly an incident, but an observation: A lot of the folks hanging out on Revere Beach in the 1980s wore pants that were full of patches. Yet there were always holes elsewhere, exposing body parts in unfortunate ways.

Lesson: Patch all you want. But if you fail to close up holes in more vulnerable places, a hacker will sucker punch you there sooner or later.

Revere incident 4: It’s February 1978 and a 20-foot wall of sea water rises over the beach wall across the street, right as my father is finishing up the task of shoveling a drive-way full of snow that in hindsight may have been a useful barrier. I look out the living room window and see him throw the shovel up in the air and run toward the house, an angry ocean chasing after him.

Lesson: Just because you have a firewall in place doesn’t mean it’s going to work. And if other layers of security are not in place (or removed by someone who thinks it was a good idea at the time), the network will be owned, just as the ocean decided to own our basement.

Revere incident 5: I have a wild party in the basement of my house. I wake up the next morning to find that a pile of change and two packs of cigarettes have gone missing from the top of my dresser.

Lesson: Don’t let people inside your environment without a thorough background check, especially contractors and job applicants who appear to have an angry streak. The one that slips through may well be the malicious insider who robs the network of all your intellectual property.

At age 18, a pile of coins and 2 packs of cigarettes were really all the intellectual property I had.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *