Dr. Dobb's is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Channels ▼
RSS

Top 10 Reasons Security Products Don't Work

By Dark Reading Staff, August 30, 2006

There's no silver bullet for preventing attacks.

8. Users do too much "tuning" of the product's functionality

Once they've got a new security product in place and properly configured, IT staffers should beware of doing so much "tuning" and customization of the product that they effectively limit its functionality, experts say. If you tinker too much with the tints and hues on your television, sometimes you can lose the whole picture.

"In larger companies with multiple administrators, what sometimes happens is that one administrator will write a 'deny all' policy that somehow ends up at the top of the policy rules," says Roeckl. "One bad policy can affect the rest of the rule set and effectively disable the whole system."

Lancope's Anderson agrees. "Sometimes, [administrators] make assumptions about what they'll need and don't need, and that will cause them to turn off important functions of the product," he says. "Some companies use a product for a long time before they become aware that some key functions have been disabled."

When an enterprise changes security administrators or staff, sometimes the new people don't understand how their predecessors have written the rules or policies in the product," Anderson notes. "The 16th rule of 200 may be the one that turns all the rest of them off," he says. "When you start changing rules, you need to understand the impact."

Some IT departments turn off key functions in their security products because their users complain that the functions make it too hard to log on or navigate the network," observes Griffin. "They may disable key security functions so they don't impact the convenience of accessing the network. It's up to the organization to assess the risk of disabling core functions in a [security] product."

Bottom line: Be sure you understand the potential impact of any change you make in the rules or settings of your security products. Experts say it's a good idea to have a third party check your security applications and appliances every 6-12 months, to ensure that you're using the full functionality of a security product and haven't turned off any core functions.



Previous 4 5 6 7 8 9 10 11 Next

Related Reading

News

Commentary

Slideshow

Video

Most Popular

More Insights

White Papers

More >>

Reports

More >>

Webcasts

More >>
INFO-LINK




Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Recent Articles

Most Popular

Stories Blogs

Upcoming Events



Most Recent Premium Content

Digital Issues