Saturday, January 29, 2011

On Virtual Internet Experience and Good Hygiene...

I was reminded yesterday of my tracking of Invincea. Virtualization -great strategy! I'd like to offer a few thoughts however, as with any application, remember this.. architecture counts, as does basic system hygiene. Hygiene is the process of keeping systems up to date, patches installed, antivirus up to date, etc.  Realizing there are probably 400 things that need to be kept up to date to keep your networks from stinking like bad breath, and only one needs to go wrong to allow in hackers, System hygiene is one of the hardest things, but one of the most important things, to do. In fact, I'd argue that ensuring the basics of system hygiene are far more important than applications you might buy. Pay attention to how applications get deployed- especially virtualization, and you'll have better results in the end.

I've seen several schemes for virtulization of the users' internet experience. Please don't get me wrong. I'm a HUGE fan of the strategy --so long as it's implemented correctly. IPS alone wasn't the panacea; nor will virtualized internet experiences. How does this get accomplished? Think about the kinds of things users must (or want) to do. What things do they need to do to not feel pain of virtualization? They need to browse, share email, download. They need to move information from the virtual space (for internet use) to the corporate network. So now we've moved from the realm of a virtualized internet experience to a need to move information to and from the corporate intranet. How does this happen? Good system hygiene and architecture. The basics of defense in-depth, and dedication to keep those items clean an up to date (hygiene).

Bottom line. VCs tell startups "Sell across the street before you sell across the ocean".

I'd tell admins and CIOs, Practice good hygiene before you spend money on more advanced infosec offerings promising to stop advanced persistent threats. Ya can't get there from here.