I just did a trip back from Asia, complete with multiple layovers of 3+ hours each; so I’m feeling nicely out of step with my own time zone. When I was surprised with a reminder to publish a blog post, it seemed appropriate to tie the two ideas together.
While lots of people swear by certain chemicals, drinks or just don’t think they have a problem, others of us struggle to cross the date line with our brains still remotely connected. So, I’m going to take the common advice for jet lag; and translate it into security basics.
Be well rested – although it’s easy for security practitioners to end up working far too many hours; and end up less effective as a byproduct; your security today is only as good as the health of the humans behind it. Make sure the practitioners take their vacations, keep their work hours sane, and have some opportunities to change their perspectives.
Reset your mind to local time – It’s easy when you travel to think about the habits you had in your home base; and how those are disrupted. That doesn’t improve your ability to do what you need to do in your current location. Keep your mind on when and where you are, not where you’ve been or would rather be. In addition, pay attention to the problem you are trying to solve or the goal you are trying to achieve. If what you did yesterday was for something different, maybe it’s not applicable to today’s focus.
Stay in shape – if you have habits that are healthy habits, whether that’s weight lifting and running for your physical body, or log and user management for your corporate network; patches and firewalls up to date and tuned; keeping a healthy set of smart habits can help you cope with change, and maybe even set a PR for improving your companies’ security posture.
Wear comfortable shoes and clothes / dress for your destination – for security this translates into know the tools you have, and how they work so you get the maximum effectiveness out of them. The most whiz bang tool in the box that you don’t know how to use is not nearly as effective as a tool you’ve mastered. Much like expensive dress shoes and high heels are useless at a beach, the new, shiny, expensive, DLP solution is useless if you don’t have a secure configuration. However, that doesn’t mean don’t get new tools – it means find ways to get the most out of the tools you select for your environment. Maybe get some Professional Services to tweak the tools to better operation in your environment, or try training courses. Just don’t waste good opportunities to maximize your value.
Move around on your plane ride – when something happens that impacts the security you are responsible for, don’t get locked in to one way of looking at the data. Or even one long day of forensic spelunking. Look for opportunities to change the lens you are using to understand what is happening; and maybe trigger new information or possibilities previously not seen.
Use sleeping medications wisely or not at all – Everyone has a unique response to environmental changes and what works beautifully for one person may not work for another. This is true with silver bullets of security tools and techniques as well as sleeping aids. Just like you should always test sleeping aids or other drugs before you leave for your trip; you should test tools, technologies and philosophies in a non-production environment and tweak to get the desired results.
What do you think? Is the prescription for jet lag similar to the one for security, or do I need to go get some sleep?