Security's Everyman

Security's Everyman

Tuesday, November 11, 2008

Pay Close Attention

Paying close attention to life can save us all a lot of headaches and unnecessary grief. This applies to our lives as information security professionals as well. We need to make sure that we pay close attention to what we are doing. Whether it's monitor logs, configuring devices, reviewing configs or RFP's, writing policy or procedures, etc... If we aren't careful and diligent in what we do we will make a small (hopefully it's small) mistake that may come back to bite us.

We also need to be careful of the message that we give to our customers and users. We need to ensure that we are clear in how we present the message and that it is in line with the business requirements. We need to make sure that we are looking for answers to solve a problem and not just saying "NO". How we communicate our security plans has to be in a way that the user will understand and that will make them want to work with us.

What made me think of this? This picture tells a story that is very different from the one that was trying to be conveyed. If Mom and Dad had paid attention to what little Suzie was drawing for her class project it just could have saved them lots and lots of embarrassment.

What little Suzie was trying to convey was that her Mom worked for a Hardware store and was selling a shovel to a customer.

Creative Commons License
This work is licensed under a Creative Commons Attribution-NC-SA 3.0.