Dirty Laundry Usually Doesn’t Get Aired

The way to fix problems is to first identify and acknowledge them.

Only then can you focus on them, commit to them, really address them, and make things better.

The BIG problem though is fear. 

Usually dirty laundry doesn’t get so easily aired. 

Generally, people don’t want trouble. 

“The nail that sticks up gets hammered down.”

And who wants to be the one to get hammered flat and for of all things, doing the right thing?

We don’t encourage transparency.

And we certainly don’t reward transparency. 

As I once overheard:

“Uh, you better keep it in the family!”

So things get kept in the family, and the big burly husband is a drunkard bum and the wife is abused and the kids are abused, and the sh*t goes on. 

Shhh…

Open door policies, hotlines, and other mechanisms are helpful, but don’t go far enough. 

Bosses need to ask point blank and with full and honest assurance of confidentiality and non-attribution or retribution:

“Tell me what’s really going on here.”

When there is smoke, there is fire, and where there is skunk stink, there is skunk.

The only way to know the truth and make a difference is to get to the truth.

In life, is anyone willing to “do the dirty” and finally get to clean? 😉

(Source Photo: Andy Blumenthal)

Snapchat, Eat Your Heart Out

As so many of you app users know, Snapchat allows you to send texts, drawings, photos, and videos, but with privacy, knowing they will disappear in a few seconds.

Disappearing messages is certainly not a new idea–in spycraft or for kids. 

Remember the disappearing ink (or maybe you’ve forgotten because it disappeared)?

Well, this is a photo of disappearing-disappearing ink!

Someone apparently stole the disappearing ink right out of the packaging in the store–it has truly disappeared. 😉

(Source Photo: Rebecca Blumenthal)

Visualizing IT Security

I thought this infographic on the “8 Levels of IT Security” was worth sharing.

I thought this infographic on the “8 Levels of IT Security” was worth sharing.

While I don’t see each of these as completely distinct, I believe they are all important aspects of enterprise security, as follows:

1) Risk Management – With limited resources, we’ve got to identify and manage the high probability, high impact risks first and foremost.

2) Security Policy – The security policy sets forth the guidelines for what IT security is and what is considered acceptable and unacceptable user behavior.

3) Logging, Monitoring, and Reporting – This is the eyes, ears, and mouth of the organization in terms of watching over it’s security posture.

4) Virtual Perimeter – This provides for the remote authentication of users into the organization’s IT domain.

5) Environment and Physical – This addresses the physical protection of IT assets.

6) Platform Security – This provides for the hardening of specific IT systems around aspects of its hardware, software, and connectivity.

7) Information Assurance – This ensures adequate countermeasures are in place to protect the confidentiality, integrity, availability, and privacy of the information.

8) Identification and Access Management – This prevents unauthorized users from getting to information they are not supposed to.Overall, this IT security infographic is interesting to me, because it’s an attempt to capture the various dimensions of the important topic of cyber security in a straightforward, visual presentation.

However, I think an even better presentation of IT security would be using the “defense-in-depth” visualization with concentric circles or something similar showing how IT security products, tools, policies, and procedures are used to secure the enterprise at every level of its vulnerability.

IT security is not just a checklist of do’s and don’t, but rather it is based on a truly well-designed and comprehensive security architecture and its meticulous implementation for protecting our information assets.

Does anyone else have any other really good visualizations on cyber security?

(Source Photo: here)