Is Network Security an Oxymoron?

1

By Ronnie Royston

Originally Published 1/1/2018
Updated 7/1/2020

Network Security

For most of us, strong passwords, encryption, and keeping software updated delivers adequate computer network security. Extraordinary security measures demanded by kings, presidents, celebrities, dissidents, etc acknowledge that there is no privacy and no guarantee that digital property will be available, or private. Known sources of eavesdropping include automobiles, cell phones, computers, and considering the Internet of Things (IoT), the days of privacy are numbered. Benjamin Netanyahu, Prime Minister of Israel, recently commented that he is unwilling to use phones, cell phones, televisions, and computers when in his office.

A Lock Only Keeps Honest People Out

This point is self evident. The locks on your front door don't actually prevent a determined intruder from getting into your home. Bank vaults are breached and looted regularly. That's not to say that you can't spend millions of dollars fortifying your home with a concrete wall, moat, 24x7 armed security guards, and iron gates over all your windows and doors, for example.

Avoid AAA For A Serious Attempt at Private Communications

Telecommunications security uses the concepts of Authorization, Authentication, and Accounting (AAA). Who are you, what access do you have, and logs of your access; but, privacy requires plausible deniability. Belief that one could not have been party to the communication must exist. In other words, AAA must be avoided. The message must be anonymously placed offsite in an unremarkable location, i.e., in plain sight. For example, a "safe" in your bedroom closet is not a highly secure location for private content and neither is a bank vault as you are accountable for both.

Who put this thing together? Me, that's who! Who do I trust? Me! -Tony Montana, Scarface (1983)

Implement a Data Retention Policy

Implementing a data retention policy enables you to properly store and delete files. Make copies of any documents or files that you wish to keep, and delete any files that you no longer require.

###Destroy Used Electronics Physically destroy used computers, tablets, or phones thouroughly with a tool such as a hammer. Never transfer a used computer, tablet, or phone to a third party such as a garbage man. Never. The data on those devices remains retrievable even though you thought you deleted it or factory reset the device.

Conclusion

As a professional computer network engineer I recommend that you wholeheartedly believe that anything you digitize can and will be viewed by others. Implement a data retention and deletion policy. Your brain is the safest place to store sensitive information, followed by pen and paper. As for regular information, you are fine digitizing that and very basic security such as password protection is all you require.

Automate a workflow or process today with standards based, library free JavaScript in the browser, in the cloud with NodeJS, or both. High Tekk can do that! See our services page for more details.

Dialog Title

Cell Phone Number

Your order ID is . The grand total is , or bitcoin.

This action cannot be undone. Continue?

Changes will be lost. Continue?

Delete location?






A signin link will be sent to your email address.

You privacy is top priority. Email addresses are never shared with a third party. For more information see our privacy policy.

Find a bug? Experience an error? How can we do better? We appreciate your feedback.

Delete order? This action cannot be undone.

Delete order? This action cannot be undone.

This action cannot be undone. Continue?