Tuesday, October 28, 2014

The digital unwritten law of "just in case"

“Just in case" is trending topic in the digital world, as it was (and still is) in most aspects of your life. There are things you are not very keen on doing, but you do it anyway... "just in case". Nobody escapes from the "just in case" thought. Every business, every family and even the security industry have it always on mind.

We all know that Apple computers do not have malware, right? They must be bombproof, apparently. But "just in case", you should install a monitor tool to find out what services are loading when your Mac is booting. Who knows! Perhaps that statement is not really true.

Surely everyone here already know what a botnet is, how it spreads, which ones the most dangerous botnets have historically been and how to know if you are part of one of them. Anyway, it never hurts to review all these points, "just in case". If you still do not discover anything new, you can have a look to Akismet’s monthly report on the evolution of Internet security. The latest one for Q3 alerts of a four-fold increase on denial of service attacks in comparison with same period last year.

The "just in case" formula is not only part of Western philosophy. In China it is followed to the letter. Jinghua.cn, a newspaper from Beijing, recently reported that the Chinese government will uninstall 15% of Windows OS from devices used by its employees. A “just in case” measure against alleged American surveillance.

Yet "just in case" actions are not always a solution. In fact, regarding such a sensitive issue as compliance and action policies within an organization, you have to be rigorous. It may come from an automatic system that objectively provides a range of possible situations that may occur. This would be an automated tool able to monitor requests, delegating to the team whether a corrective measure should be applied or not over an alerted situation.

After all we are all human, and we all sometimes perform some disturbing actions. Such is the case of a not very bright person who created a WIFI network called "Al-Qaeda Free Terror Network" using his mobile device just before boarding a plane from London bound for Los Angeles. This joke affected not only him, but other passengers since the flight was cancelled as soon as a member of the crew realized it and called the police. A maybe too drastic "just in case" situation, but well deserved.

There are some “just in case” needed, and some others out of context. Nevertheless we are not only talking about IT, Risk or Security, but about users, i.e. people. And people usually contemplate eventualities, however distant they may seem. It is on their nature.


Post a Comment