application design must also provide internal checks and validation to
protect operational continuity and function. As I have often said,
applications should be made as “idiot-resistant” as possible—“idiot-proof” is an
impossible goal, because there are so many idiots who are very inventive.
Idiot resistance can be enhanced through code review and automated
testing of code segments and applications, but should also include
internal controls such as input validation, catching and passing failures to a
secure end state, maximum allowable resource constraints, and
meaningful codes for errors and unexpected termination of operations. An error
page that displays information about where a failure occurred (even using
cryptic numerical checkpoint values to avoid exposing details of
application design) is useful when accompanied by contact information for
technical support and directions for proper error reporting.
Regular review or automated monitoring of key services will allow
the identification of emerging threats to the enterprise, by identifying
operational characteristics outside of expected specifications. Figure 12.3
provides an example of a monitoring package being used to display
real-time data on a server's operations.
Note: Detection of aberrant operational characteristics requires a baseline
and established variance from the baseline against which to measure
current levels of use. This baseline must be comprehensive to cover cyclic
shifts in load, such as morning start-of-day log-ons compared to
midnight and weekend utilization, and updated regularly to address changes
in technologies and use.
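An added example, not from the original text: one way to build the baseline the note describes, keeping a separate mean and standard deviation for each (weekday, hour) slot so that the morning log-on peak and quiet nights and weekends are each judged against their own history. The log-on counts are constructed sample data, and the function names and the three-standard-deviation threshold are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import mean, pstdev

def slot(ts):
    """Bucket by (weekday, hour) so each point in the weekly cycle has its own baseline."""
    return (ts.weekday(), ts.hour)

def build_baseline(samples):
    """samples: iterable of (datetime, value). Returns {slot: (mean, stdev)}."""
    buckets = defaultdict(list)
    for ts, value in samples:
        buckets[slot(ts)].append(value)
    return {key: (mean(vals), pstdev(vals)) for key, vals in buckets.items()}

def is_aberrant(baseline, ts, value, k=3.0, min_sd=1.0):
    """True when value lies more than k standard deviations from its slot's mean.
    k and min_sd are assumed tuning values; a slot with no history is flagged,
    because the baseline is not comprehensive enough to judge it."""
    if slot(ts) not in baseline:
        return True
    mu, sd = baseline[slot(ts)]
    return abs(value - mu) > k * max(sd, min_sd)

def constructed_history():
    """Constructed sample data: four weeks of hourly log-on counts."""
    start = datetime(2024, 1, 1)  # a Monday
    history = []
    for h in range(24 * 28):
        ts = start + timedelta(hours=h)
        workday = ts.weekday() < 5
        if workday and ts.hour in (8, 9):
            base = 200   # start-of-day log-on peak
        elif workday and 10 <= ts.hour <= 17:
            base = 60    # normal working hours
        else:
            base = 15    # nights and weekends
        history.append((ts, base + 5 * ((h % 5) - 2)))  # deterministic jitter
    return history

# Rebuild on a schedule (e.g. a rolling window) so the baseline tracks changes in use.
BASELINE = build_baseline(constructed_history())

if __name__ == "__main__":
    for ts, n in [(datetime(2024, 2, 5, 8), 210), (datetime(2024, 2, 4, 2), 210)]:
        print(ts, n, "ABERRANT" if is_aberrant(BASELINE, ts, n) else "ok")
```

The same 210 log-ons pass on a Monday morning and are flagged at 02:00 on a Sunday, which a single flat threshold cannot distinguish.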
Defend the Enterprise
Because the potential attack vectors (including internal “idiots” who just
hit the wrong key) are without bounds but security and defensive options
are limited, it is important to prioritize threats and items listed in the
risk registry. Applying the Pareto principle as extrapolated by Dr. Joseph Juran,
defense against roughly 80% of identified risks should fall within 20%
of potential protective solutions. It is important to identify the “critical
few” so as to get the greatest return on mitigation efforts, knowing that
some legal and regulatory mandates are absolutes and must be addressed
no matter what is required.