Operationalizing your Security with Symantec Workflow

In his first keynote as CEO of Symantec, Enrique Salem presented a new idea entitled “Operationalizing your Security” and talked about one of the tools in the Symantec Product set that can do this for you.

I learned a lot as I read through this speech. First, I did not know he was the eighth software developer for Peter Norton Computing. After his first acquisition by Symantec, Mr. Salem left to go work at Brightmail and was once again acquired by Symantec.

As a side note it is great seeing a CEO of a tech company as large as Symantec also being someone who understands and uses technology.

But back to Operationalizing your security

Mr. Salem argues the current way of doing security is not working and backs it up with some interesting stats:

In 2008, we created more than 1.6 million new malicious code signatures. That’s more than we’ve created in the last 17 years combined…
In the 30 minutes that I’m speaking this morning our software will stop nearly 200,000 attacks globally around the Internet.

Scary stats, and Symantec is just one company creating virus signatures. And this will probably only grow more and more.

Mr. Salem lays out how security is being applied today:

  1. Low-level administrators end up being the de facto “policy setters”
  2. Security is done piecemeal
  3. You’ve got silos
  4. Lack of visibility into your risk posture makes prioritization challenging

When I worked as a network administrator for a private bank, this is exactly how the company ran. We ran a competitive anti-virus product that didn’t always update correctly so I had to run around and make sure the servers were updating and patching, the clients were updating and patching etc… Even though it was small (70 employees), if the security was operationalized, things would have been much smoother and simpler for me.

Mr. Salem defines operationalized security as being “risk-based, information-centric, responsive, and workflow-driven.” He goes on to elaborate on each of the themes, but the key one for me and what I do for a living is workflow driven.

With the Symantec Workflow product being able to hook into so many products (whether or not they are Symantec products) you can create a process that reacts to the changing world of security.  In fact your process might even become proactive.

Think about it: There is a patch that needs to be applied to correct a zero-day exploit. I have a change management process that accounts for emergency changes. I utilize my workflow process to move through the emergency change process for approval, create the patch delivery jobs, push the patches and log the successful installs/reboots into the change request form. In fact, just in case a patch went wrong, I took a snapshot with Backup Exec System Recovery so I could restore that snapshot to a virtual machine to recover. All done through the power of a workflow process.

Security needs to evolve to the next level; it needs to become a core process driven part of any organization.

The PDF where I read the speech is attached enrique_salem_rsa_2009_keynote_speech_4-21-09

Enough with the prosecutions and investigations

I’ve read several places that President Obama is open to the idea of investigating and potentially prosecuting members of the Bush cabinet that authorized the use of torture at Gitmo and other places. By doing so we are crippling our intelligence community and also crippling those who serve for the President.
Imagine the precedent this sets. One President disagrees with the policies of the former President, so he launches an investigation of his/her staff. Pretty soon, no one is willing to advise the President on anything for fear of being investigated and vilified.

Gwibber vs. choqoK

I have been trying to figure out what I feel is the best microblogging tool for my use. I am currently running Kubuntu 9.04 with the latest and greatest updates. There seem to really be two clients people in the Ubuntu world use with the primary being Gwibber. Hopefully I can do justice comparing the two products to each other.

I’ve always liked gwibber and how it works. Gwibber allows you to connect to multiple accounts, examples being twitter and identi.ca. The problem I have here is the update is sent to the same service, that is twitter and identi.ca receive the same updates. This can be both good and bad. I have different types of people that follow my Twitter account than my Identi.ca accounts. Most of the people who follow me on twitter do so for things I post about my day job, and the people that follow me on identi.ca follow me because of the stuff Ubuntu and Open Source related. (Actually I have no idea why people find me interesting at all, but that’s another story). Sometimes the same people follow the same stream, however most people on Twitter seem to be interested in things outside Ubuntu and Open Source software. My work also uses Twitter and I update my work’s twitter account. I haven’t been able to figure out how to separate the tweets/dents/whatever you call them between the work account and the non-work account. I can do all of this in choqoK.

The best part of gwibber is the built in search for the different #hashtags for both Twitter and Identi.ca. Also clicking on a person’s name brings up that individual’s accounts. For my day job I work on the Symantec product set and would love to have the same in choqoK. In Gwibber I can follow the #hashtag #symantec and see what others are saying, and have followed new people due to that.

There is a KDE4 version of choqoK and I love that. Gwibber is written in GTK+. Based on your preference use the one you want, but on my Dell Mini 9 which has only KDE4 goodness on it, choqoK fits the bill.

Of course there is the silly spelling of choqoK to make sure you understand it is a KDE app.

Thoughts?  Comments?

What do the “torture” memos prove?

The Wall Street Journal has a very interesting editorial on what the memos recently released by the Obama administration state about the torture techniques used by the CIA and others at Gitmo.

So what was waterboarding from the article:

The memos are also revealing about the practice of “waterboarding,” about which there has been so much speculative rage from the program’s opponents. The practice, used on only three individuals, involved covering the nose and mouth with a cloth and pouring water over the cloth to create a drowning sensation.

And the article continues on that the memos state the technique could only be used for about 40 seconds.

Remember the article from the International Red Cross about the United States “walling” terrorists by slamming them into a wall:

An Aug. 1, 2002, memo describes the practice of “walling” — recently revealed in a report by the International Committee of the Red Cross, which suggested that detainees wore a “collar” used to “forcefully bang the head and body against the wall” before and during interrogation. In fact, detainees were placed with their backs to a “flexible false wall,” designed to avoid inflicting painful injury. Their shoulder blades — not head — were the point of contact, and the “collar” was used not to give additional force to a blow, but further to protect the neck.

Wow, imagine that, we were actually protecting the neck, not injuring the neck. If these points are true, where is the Red Cross’s apology for spreading false stories? Where are the apologies from the rest of the people who spread these tales? I won’t hold my breath waiting on these.

In fact, as the article continues:

All of these interrogation methods have been adapted from the U.S. military’s own Survival Evasion Resistance Escape (or SERE) training program, and have been used for years on thousands of American service members with the full knowledge of Congress. This has created a large body of information about the effect of these techniques, on which the CIA was able to draw in assessing the likely impact on the detainees and ensuring that no severe pain or long term psychological impact would result.

So do we torture our own troops when we submit them to the SERE training?  And these things happen with full knowledge of Congress?  Imagine that…..

Have you prayed for President Obama lately?

I am caught up in the bashing of the President way too often, even here on this site. I have at times forgotten to pray for our President. To pray that he makes wise decisions and that he seeks Godly counsel when he needs to make those decisions. It was easy to pray for President Bush, a guy who wore his faith openly and publicly. He was one of “our” guys, Christians could claim him, not only was he Republican but he admitted more openly than some presidents did to being a man of faith. I remember there were bumper stickers and pray for the president clubs. I don’t see this for the current president and have been convicted of late to pray for him.

Just because I don’t agree with the President, just because I don’t think he isn’t making the right decisions doesn’t mean I shouldn’t pray for him and it shouldn’t mean that other Christians shouldn’t be praying for him either. Don’t pray for bad things to happen for him, don’t pray for his defeat, or for him to fail. We as a country can’t afford his presidency to be a failure.

So next time you as a Christian start to bash the President, say a prayer for him. No, that doesn’t mean you can’t be critical of him, but as the leader of our Country, he needs our prayer just as much as the last guy did.

President Obama’s Agenda

I am stealing the title for this post from what I thought was an excellent article in the Washington Post by Charles Krauthammer.  In this article, Mr. Krauthammer makes some very good points on what exactly is the agenda the President is really after and what he really wants to do.  President Obama is about leveling the playing field.  Making sure the distance between the rich and the poor, the haves and have nots is wiped clean.  Mr. Obama’s policy is about fairness.

I learned at an early age that life isn’t fair and I wonder why this lesson did not stick with the President. Some people have jobs, some do not. Some people make more money than others. It is just life.