They don't care to understand enough about security to care about it.Recently, I talked to a VERY senior software architect who is in charge of a project for a VERY large company. The project deals with moving information between various data sources. One of these sources is the physical access control system. In other words, the component doing the moving of information would be a primary candidate for a hack should someone want to get somewhere in the building they weren't supposed to be.
Me: "What about security?"
Architect: "We encrypt the source data file that gets read."
Me: "And what happens when the data is being passed around between systems?"
Architect: "It's all on the internal network. We don't need to worry about security since it's all trusted."
Me: "So, there's no need for you to even ensure data integrity?"
Architect: "Why? What for?"
Me: "What if someone messes with the messages being passed back and forth between the systems?"
Architect: "Why does that matter?"
Me: "An attacker could change it while the data is in transit."
Architect: "That won't happen."
Me: "Shouldn't you at least sign the messages containing the data? It doesn't take much code to do it."
Architect: "No, we trust everything internal."
Me: "Does your project have anyone who is responsible for security?"
Architect: "I am."
Enough said.
No comments:
Post a Comment