Section 8.1 Secure Systems and Insecure Systems

8.1 Secure Systems and Insecure Systems

You must first evaluate how secure various communicating systems can be made. This evaluation must include factors such as the security of the system's software (operating system and applications), how quickly security fixes are applied, how strictly security is enforced, how careful and trustworthy the users are, and how physically secure the system is.

The security will be determined by the lowest score in any of these areas. Even a system certified to the U.S. government's C2 level (a really secure system) will be worthless if the unit is in a "never locked" room without constant supervision where anyone with a screwdriver can gain physical access to its disks.

Similarly, any system where an untrustworthy individual could pop in his own floppy and boot it is not secure. None of the popular operating systems are entirely free of the risk of security bugs and most of them, including Linux, have had severe vulnerabilities come to light recently. One of the trends with users managing their own desktop systems, be they Linux, UNIX, Macs, or Windows, is that most users know little about security and care even less. I know of several SysAdmins who have easy-to-crack root passwords on their systems.

These systems simply are not to be trusted. If time allows it, all systems that are to be trusted should be professionally administered by someone trained to manage that operating system and application software. I admit to knowing almost nothing about administering Windows or Macs, other than some network settings. My office manager knows far more about them.