To be effective, security has to come first

The keys to good IT security are doing your homework early and being prepared, said Keith Young, security manager for Maryland's Montgomery County.

"Security is like a Yugo with a sunroof," Young said in a presentation at the FOSE 2003 trade show. "Eventually something is going to leak through." A good security manager should plan ahead to put off the inevitable for as long as possible, and be ready for it when it occurs.

Montgomery County had the lead in last year's Washington, D.C., sniper investigation and had to share information securely with a variety of agencies within the county as well as local, state and federal organizations in the District of Columbia and two states. At the same time, traffic?and attacks? on the county's Website increased 1000-fold, Young said.

He found there was no one effective solution for securing the multitude of links that was put into use.

"Montgomery County is using everything right now," Young said. That mix, which supports about 2000 users, includes virtual private networks, site-to-site IPSec encryption, Secure Sockets Layer encryption for Web applications and public key infrastructure. None is perfect, he said. For every solution there are problems with interoperability, the need to support client software for a variety of platforms and the threat to internal networks should malicious code breach the perimeter.

To make security work managers must spend time and money up front evaluating vendors and their products, paying attention to company financials as well as to technology. This groundwork might slow down the process of change, he warned. "Sometimes, sticking with your current product might be a good choice."

Another piece of advice was to keep a big bottle of antacid on hand. "I take it on a daily basis," Young said.

About the Author

William Jackson is a Maryland-based freelance writer.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.