Tuesday, November 07, 2006

Data vs Network Security

So, yes, it was indeed an insightful post, so thanks Rich. And it did generate some interesting thoughts that I am only now trying to share. Mainly, I am wondering is this really true: "Protecting data is very different from protecting networks and one of the bigger challenges in security in the coming years is to manage it strategically…"


I obviously agree with needing to "to manage it strategically," because - hey!- it sounds cool :-) But is data protection that much different from network security? Can one even contrast them like that? I think network security is  hardly ever about protecting the network. It is about protecting network's ability to move data around and keep it secure. Even a DDoS attack against a network fabric costs money only as long as it impedes the network's ability to move data around. In more extreme terms, one wouldn't care about his routers keeling over just for their own sake, but only to the degree that his data processing (transmission, access, creation, whatever) is affected.


As I sit here at CSI (CSI 33rd, Orlando, FL, Nov 2006), I see some folks trying to make the same distinction and get real confused, real quick. For example, some split the field into content, network, host, identity and application security, sidestepping the whole "data protection" completely (it gets smeared over all of the above categories)


So, to make it simpler, please anybody answer this: the main (option: the only) thing that security protects is <fill in the blank>. I'd use the word "information" (which is, kinda the same as data, for the sake of this discussion) here and thus conclude that "network security isn't" ...



Technorati tags: , ,

2 comments:

Anonymous said...

Network security as used today is data security oriented. An old (arcane?) network security subject that is not data oriented is "traffic flow security" which addresses the need to prevent detection of the existence of communications. (e.g. activity on police frequencies lead criminals to abort activities.)

Anonymous said...

Network security as used today is data security oriented. An old (arcane?) network security subject that is not data oriented is "traffic flow security" which addresses the need to prevent detection of the existence of communications. (e.g. activity on police frequencies lead criminals to abort activities.)

Dr Anton Chuvakin