tradeoffs: controls in system vs. controls in environment
security vs. ease of use & productivity
security vs. cost
Place more effort in architectural & environmental controls than in system's control
centralized admin: complete view of enterprise, info consolidation &
correlation, lights-out operations where all management & monitoring
done remotely
reduction, categorization, prioritization of security events
automation of tasks: system installation, new user account, log
analysis
Administration: maximize services to user while minimizing
susceptibility to attack
but services depend on the same attributes of systems & networks that
make attacks possible
Security features should be easy to install & enable & configure for specfic needs
Security activities: backups, training, cryptographic key management, user admin & access privileges, updating SW
Discovery of new ways to intentionally or unintentionally bypass or subvert security
Security adds admin cost. Much systems admin relates to security, eg. admin of identification, authentication, authorization, accountability
Admin errors are partially responsible for many security incidents.
Incidents based on known vulnerabilities could be eliminated if current patches applied.