TechWhirl (TECHWR-L) is a resource for technical writing and technical communications professionals of all experience levels and in all industries to share their experiences and acquire information.
For two decades, technical communicators have turned to TechWhirl to ask and answer questions about the always-changing world of technical communications, such as tools, skills, career paths, methodologies, and emerging industries. The TechWhirl Archives and magazine, created for, by and about technical writers, offer a wealth of knowledge to everyone with an interest in any aspect of technical communications.
--- Jan Henning <henning -at- r-l -dot- de> wrote:
> > [Many statements unrelated to my argument.]
> > Windows can be secured. Very easily.
>
> No it can't. You may _believe_ that it is secure, but that is only
> because it is opaque to you - you simply confuse the lack of knowledge
> of any problems with the absence of problems.
I've secured the networks of over 50 different organizations ranging in sizes
from 10 systems to 50,000 systems, including one of the most secure areas in the
entire United States. And Windows is used in all these areas and we have been
able to secure it.
The first thing you learn when you start securing networks and systems is that
there are no absolutes. Everything is layers and factors of risk reduction.
And there are methods, tools, and technologies that allow you to determine, with
very great accuracy the relative security of a network. IDSs for example allow
the ability to very finely track access and misuse. These systems along with
vulnerability scanners, integrity tools, behavior monitors and many other tools
can tell you with exceptional accuracy, if a system is vulnerable or is being
attacked.
> A simple question: If Windows is so easy to secure and if security is
> the highest priority at Microsoft (as Bill Gates said it is), why then
> doesn't Microsoft do this easy thing?
They do. It just most people don't make security a priority. They TALK about
making security a priority, but then lack the skills, knowledge, resolve, etc. to
actually do anything about it.
Security is an inherently complex issue. It does not lend itself to simple
answers and quick "THIS ISN'T SECURE!!!" type solutions. There are numerous
interlocking layers of systems, processes, protocols...the list goes on and on.
And securing a network requires more than just technical skills. Just to tie this
all back to this list, my documentation skills have been immanently valuable in
my security career. Because I can communicate concepts and analyze complex
information.
Windows can be a secure platform. Its just not secure out of the box. But then
again - neither is RedHat, Suse, BSD, or anything.
Andrew Plato
__________________________________________________
Do you Yahoo!?
New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Experience RoboHelp X3! This new RoboHelp release combines single sourcing,
print-quality documentation, conditional text and much more, into the most
monumental release of RoboHelp ever! http://www.ehelp.com/techwr-l
Enhance, optimize and automate your FrameMaker-to-PDF workflow with TimeSavers:
Define all PDF features in your source FrameMaker files ONCE, distill MANY.
Bookmark Controller, Link Controller, UnBloat & more : http://www.microtype.com
---
You are currently subscribed to techwr-l as:
archive -at- raycomm -dot- com
To unsubscribe send a blank email to leave-techwr-l-obscured -at- lists -dot- raycomm -dot- com
Send administrative questions to ejray -at- raycomm -dot- com -dot- Visit http://www.raycomm.com/techwhirl/ for more resources and info.
