So lately I have been harping on the whole Pirates versus Ninja thing. IT Ninjas are tasked of course with protecting your super secret corporate data from the Pirates who would plunder that booty. Now here at Tripwire I speak to Ninjas all day long. And lately its been all about compliance and IT audits. Now after the sales person does their whole this is why you should buy Tripwire, and I do my whole and this is why Tripwire is better than everyone else technical thing it comes down to the discussion of money and this is where the Ninja ALWAY finds themselves in trouble. “Well lets just cover the servers and devices that are in scope…” they always say. A form of cost protection I suppose.
“Arrgh!” is what the Pirate would say. Thats right just do the server that are in “scope” never mind all of the servers or devices around said “in scope” servers. Nevermind that once the pirate has his/her beach head into your network they have plenty of time then to storm the fortress…(do Ninja’s have fortresses?)
And don’t get me started about Virtualization. “We’ll just protect the virtual machines.” says the clueless IT Ninja… “What about the hypervisor?” I want to scream… Virtualization Security demands that you protect everything including the host, and the network devices, and all of the doo dads connected to it. Here is a little snippet from this article that emphasizes the point… http://searchsecurity.techtarget.com.au/articles/30057-Virtual-machine-security-creates-new-cloud-plays
“Virtualization security is currently composed of three areas: configuration management, network security and virtualization host hardening, according to Edward Haletky, the owner of Wrentham, Mass.-based AstroArch Consulting Inc.
“If you have all three of those, or even one of those, you’re a step above everybody else,” Haletky said. “At the very least, a business should follow hardening guidelines and have virtualization-aware network security in place. But that’s not complete virtualization security, and it’s not sufficient from my perspective. If you’re going to secure a virtual machine, you need to secure anything that directly or indirectly touches a virtualization host,” he emphasized.”
So there you have it IT Ninjas. If you limit your “scope” too much in the name of saving money all you are doing is putting your booty out there for the Pirate to grab, and if he does its no ones fault but your own…