Nothing is one hundred percent secure. As long as the value of the contents justifies the effort, someone will find a way to break into somebody else's property, be that. . .
Nothing is one hundred percent secure. As long as the value of the contents justifies the effort, someone will find a way to break into somebody else's property, be that a building or a network. Steel shutters on windows, armor-plated doors and a battalion of locks may give the illusion of security, but a suitably tooled-up intruder will make light work of them. Exactly the same is true of networks; within hours of a new firewall appearing on the market, dozens of web sites will have sprung up detailing its flaws.

Obviously, no one is saying that firewalls are worthless - quite the opposite; without a firewall, you might as well leave all the doors and windows open and erect a neon sign saying "rob me." But as this magazine has been stressing for years, a firewall should be a part of an integrated security policy, defined by a comprehensive risk analysis. If your external security is breached, you need a secondary line of defense. We can carry the building analogy further still. Most buildings have a whole host of additional security measures in place internally to detect `anomalous' behavior: cameras, badge-locks and the like. If a person working in one office is detected in another, something is clearly amiss. If the security pass of someone on holiday is used, there is a good chance that something suspicious is happening.

The link for this article located at SCMagazine is no longer available.