The buzz these days in the news and online is mostly about who stole what type of information from whom and how much they got. Many analysts immediately start saying that if this or that had been in place, the information might not have been compromised. You are certainly thinking about what and where your vulnerabilities are and how to solve them in an effort to protect ALL of your information.
Let’s start by defining what I mean by a Micro Security or Macro Security approach. First off, a Micro Security approach is simply the lowest level at which you can analyze or evaluate when determining where a vulnerability could be and how to correct it. Some examples are outlined below, but keep in mind there could be thousands depending on the complexity of your environment.
- A software patch for a single item within an application or component
- Understanding one specific type of malware that’s being used and its impact
- Controlling a single user’s credentials with elevated access
- Evaluating how information is transferred from your public DMZ into the secure zone or LAN for a specific application or customer
- Reviewing how data is controlled from a single cloud application to your on-premises platform
A Macro Security approach is just the opposite: it is the highest level at which you can analyze or evaluate when determining a vulnerability and a remediation plan. A few examples are also outlined below.
- Understanding the overall security strategy for your firm
- Promoting a positive security culture within your firm
- Evaluating how all data comes into and out of your firm
- Examining how all data is scanned, stored, retained and used within all of your platforms
- Surveying how all trusted and untrusted users interact with all systems and what actions they can take in an authorized and unauthorized manner
It’s clear that Micro and Macro Security are significantly different from each other. If you choose to take only a micro approach, you will definitely miss the larger exposure, and if you adopt the macro approach, you could miss a single patch that will possibly leave an application vulnerable to an intrusion.
It is recommended that you adopt a blended Micro and Macro Security approach. Understand all of your components, users, systems, applications and strategies and you will be in a more secure position and have a better defense against cyber criminals.
Try not to listen too much to some of the “talking heads” and their simplistic finger-pointing after a security breach. They are usually making the breach seem simple and suggesting that if one single item had been corrected, the breach would never have occurred. That’s usually not the case. For example, some criminals get in through a vulnerability, take over a credential or make their own, analyze the system and then begin exporting data. Does that sound simple to you?
Security is all about layers, and the more layers of defense you have, the more likely your information will be protected.