|
|
Posted by Jerry Stuckle on 10/21/07 23:37
Puckdropper wrote:
> Gary L. Burnore <gburnore@databasix.com> wrote in news:ffgb6f$3n6$4
> @blackhelicopter.databasix.com:
>
>> On Sun, 21 Oct 2007 14:05:33 -0400, Jerry Stuckle
>> <jstucklex@attglobal.net> wrote:
>>
>>> Gary L. Burnore wrote:
>>>> On Sat, 20 Oct 2007 22:05:13 -0400, Jerry Stuckle
>
> *snip*
>
>>>> Security is about many things of which prevention is one.
>>>>
>>> No responsible person in the security field will ever claim that.
>> I'm a responsible person in the security field and I claim that. I've
>> been taught that and I teach that. That being that many things make
>> up good security. Prevention is one part of security.
>>
>>
>>> There is no such thing as "prevention". That would indicate that
>>> something can't happen, which is impossible to do.
>>>
>>> For instance, banks have been trying to prevent robberies for hundreds
>>> of years.
>>
>
> *snip*
>
> Prevention isn't about 100% prevention, but mainly deterance. With
> preventative efforts, you simply try to make it more difficult to get to
> your systems. Maybe then the would-be attacker gets bored or frustrated
> and gives up.
>
> Prevention isn't the only line of defense, of course. If the attacker
> does succeed, you have to try to limit the amount of exposure.
>
> Puckdropper
Here, I agree with you. Security is about deterance. But not prevention.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================
Navigation:
[Reply to this message]
|