On Wed, 13 Mar 2002, Rajesh Talpade wrote:
A network is only as secure as its weakest link....
sounds like a cliche, but am afraid this least-common-denominator rule will hold as networks converge.
Is there anything we can do to improve this? How can we make sure the people who "need-to-know" find out how to secure their weakest links instead of waiting for each company to stumble along their learning curve. The usual answer is hire an expert (or SAIC :-). But there aren't enough qualified experts to go around in the best of circumstances. The problems include divergent cultures, technologies, and even generations. Until the technology crash, the so-called next generation networking companies didn't want to "converge" with the existing companies; they wanted to wipe them out. There wasn't a lot of sharing between the different groups, even within the same company. I'm not sure one security approach is better than the other, but they mix like oil and water when you combine traditional telephone security and Internet security methods.