Find out how three specialists see the issue

Jul 14, 2008 12:42 GMT  ·  By

If you were to choose a metaphor to compare network security with, what would it be? Would you compare it to a chain that is as strong as its weakest link, or would you compare it to an impenetrable fortress? Well, here are the opinions of some of the best known security specialists in the business.

For Whitehat Security's CTO (Chief Technical Officer), Jeremiah Grossman, network security could be compared to placing several slices of Swiss cheese one on top of another. Individually, the slices have holes, but the wholes can be covered by stacking them together. "No single layer of security is impenetrable; each protects certain areas and misses others. In a layered approach each slice (defense-in-depth) attempts to cover up the holes in the one below it," says Grossman as cited by NetworkWorld.

Becky Bace from Trident Capital associates network security with the health care system. You need it as a child, you need it as a young, and you definitely need it in your old age. A person that neglects health related issues is definitely more prone to dangers than others; also, there are several types of health care specialists, according to the health issue at hand. "One of the points of this analogy that I like the most is the notion of specialty coverage from womb (obstetrics) to undertaker (forensic pathology), for good security has that level and range of involvement," says Bace.

According to Taher Elgamel, CTO with Tumbleweed Communications, it all boils down to network access. Think of the network as a fortress and the security solution as a royal guard. "Security needs to act like a royal escort, opening up the computing environment while keeping security risks out by personally guarding the king's treasure (or sensitive data in 2008) at all times so it never falls into the wrong hands," says Elgamel. Protecting the fortress by putting up impenetrable walls is no longer a viable security measure.