Author Archives: Russell Doty

The previous post looked at written passwords – let’s now look at electronic passwords: Instead of writing passwords on a piece of paper, you can save them on the computer. The most obvious way to do this is with a … Continue reading →

Our last post introduced The Yellow Sticky of Doom. Talking with security experts about the Yellow Sticky of Doom shows that the situation isn’t entirely bleak. They agree that posting notes on a monitor – or the bottom of a … Continue reading →

The previous post looked at man-made physical threats. We now get to what I consider the greatest threat to computer security: the Yellow Sticky of Doom! Passwords written down on yellow sticky notes. These are everywhere. What is the difference … Continue reading →

The previous post considered forces of nature – we also have man-made threats: Where Dennis the Weatherman is a proxy for all the threats nature can pose, Joe the Backhoe Operator is a proxy for man-made threats outside the data … Continue reading →

We last looked at an inside threat – now let’s consider some external threats: Dennis the Weatherman is a proxy for the threats that nature presents. Superstorm Sandy is a recent example of the power of weather. Some places received … Continue reading →

The previous post looked at users and the unintentional threats they can create. Now let’s get hands-on with the systems: Dave is responsible for adding, upgrading and repairing systems. Without Dave, things will quickly go downhill in your data center. … Continue reading →

Unlike Sam the Disgruntled Employee from our last post, Sally doesn’t have an evil bone in her body. She is dedicated, hardworking, helpful, and committed to doing a good job. Unfortunately, she doesn’t completely understand how the system works, and … Continue reading →

The last post looked at programmers. Now let’s consider another active threat:   I’m going to assert that Sam is the second greatest security you face. (We will encounter the greatest thread in a few more posts.) Depending on who … Continue reading →

The previous article explored the threat system administrators pose; now let’s look at another internal threat: No discussion of system integrity and security would be complete without Tom. Without the applications, tools, and utilities that Tom writes, computers would be … Continue reading →

We last looked at the threat of a manager determined to make the business succeed; now let’s consider an inside threat: In terms of threat potential, Fred is off the charts. In order to do his job, he has essentially … Continue reading →