Do you remember the Cone of Silence in the old Get Smart TV show? It was great. The Chief and Max would lower the cone so no one could hear what they said. It was a funny, but effective, way of keeping a conversation secure.
The best part was that most of the time it didn’t work. The mechanism would break. The cone would go up and down when it wasn’t supposed to. Half the time the cone was so silent, no one could hear each other. Or there was a tremendous echo in it. My favorite was an episode where Max asked for the cone of silence only to report that he had nothing to report.
We are all lazy when it comes to security. If the technology is easy to use, we’ll use it. If it takes a lot of effort, we won’t. The cone of silence, when it worked, was easy to use.
Think about locking your front door. Years ago, people left their front doors open. We trusted each other and knew everyone in the neighborhood, so there was no need. Eventually burglars opened the front doors and stole things. So people locked their front doors. It was easy to do and effective. Of course they had to remember to lock the door before they went out. At first it was hard to remember, but eventually everyone did it. Locking the front door keeps the majority of burglars out of our homes.
You need to use the right technology for the right purpose. Some people put in sophisticated alarms and motion detection systems to protect their homes and businesses. That may be appropriate depending on what you want to protect. If you are a bank, hospital or government agency, this makes sense. You keep a lot of confidential information. The IT equivalent of these measures are firewalls, intrusion detection systems, antivirus/malware/spyware software and keeping your computer systems patched. Some need more than others.
You need to determine your risk. Some people encrypt everything they send and store, whether it’s confidential or not. If I send an email to a customer asking about meeting me to discuss business, I don’t think I need to encrypt it. For some, that might be important. For me, the risk is minimal.
The Cone of Silence on Get Smart was a great gag, but it did illustrate something. Assess your security risks and implement policies and technology to mitigate them. Don’t use a complex and expensive system when a simple and inexpensive one will do the same thing. Cool gadgets are great for TV and the movies, but use what you need. Don’t make things too complicated. If it’s easy to configure and use, people will use it. Sometimes the best security is not saying anything when you shouldn’t.
Photo credit Would You Believe
