SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

The Security of Interconnected Systems

By Steve Jones,

It's a scary world in the wild, wild west of the Internet. Many days I think that's a closer metaphor to the World Wide Web than the relatively ordered Kensington High Street in London. There are lots of bad people out there that are scraping identities, hacking systems, copying data, and more on a daily basis. Indeed the power of computers means that these malicious behaviors can be done at a speed and on a scale never before seen in the world.

I ran across this account of a blackmailer stealing a Twitter name using a variety of hacks across interconnected systems. What's worse than the attack against someone's digital assets is that fact that so many of the companies on the Internet have no good way of recognizing ownership. It's almost as it could be back in the gold rush days when you had to be vigilant and constantly inhabiting your property to protect the assets. At least in that time you could file a claim that would be honored. I'm not sure a Facebook name, a Twitter handle, a SQLServerCentral login, or any name on the Internet can actually be "registered" by most of us.

The problem isn't so much the ownership of some digital asset as it is the potential cascade of problems when we can't own an asset and possession of a username and password seem to be what matters. I'd like to think that corporate assets are better protected, and corporations are usually more able to take legal action against attackers, but it's entirely possible they aren't. Especially when many of the companies that provide services to both individuals and companies aren't providing support. The "Google" method of building automated systems that provide support looks like "hope for the best and too bad if it's the worst" from my perspective.

As we connect more and more systems together, whether through sign-on systems, automated feeds, or other methods, the ability to protect the entire system is dependent on the weakest link. The ability to resolve ownership and security issues, however, seems to have no protection at all.

Total article views: 118 | Views in the last 30 days: 1
Related Articles

Develop a High Availability/Disaster Recovery Strategy

Develop a High Availability/Disaster Recovery Strategy – Protecting your company’s most valuable a...


DBAs and the ITIL Framework, Part II: Asset Management

See how the ITIL Framework's Asset Management standards make the DBA's job easier. Use the CMDB and...


The State of the Internet Operating System

Tim O’Reilly has written a two part post on his thoughts on the internet operating system.  Part one...


Protecting SSRS reports

Protecting SSRS reports


Protecting sa

Today Steve Jones talks about the issues with the sa account, and how you might protect this on all ...