Thinking about Security Differently
Large companies have “office-land security” programs; small companies have off-the-shelf security tools. Neither approach is sufficient to stop a committed thief or enemy. No security system is perfect because security is a process, not an end result. It is like a cat-and-mouse game—every security measure has a countermeasure, which in turn leads to a new security measure, and so on.
The best approach to security, I think, is “defense through discouragement.” This is the premise we use to defeat car thieves: make it too difficult or expensive or time consuming to rip us off, and the would-be thief will hopefully move on to an easier target. Your objective is to not be that easier target!
There is some truth to the adage that locks on a door will never keep thieves out; they just keep honest people honest. Most crimes are crimes of opportunity, so if you use your common sense and keep your “situational awareness” alert, you’ll stop most security problems before they begin.
Thwarting the opportunistic thief doesn’t stop all thieves, however; nor are thieves your only worry. Your security will be compromised somehow, someday—so another key idea to incorporate into your thinking is a recovery plan. What happens after the unthinkable happens? What can you afford to lose? What can be replaced, if stolen? And what is literally irreplaceable and absolutely essential to continuing to be in business?
The “key” (no pun intended) to effective security is ...
Get You've Got to Be Kidding!: How to Keep Your Job Without Losing Your Integrity now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
