Security online is analogous to security in the real world. The first thing any law enforcement professional will tell you is that you cannot make your home or business absolutely crime-proof; all you can do is increase the difficulty and risk to a level where most of the would-be intruders simply go looking for an easier target.
This same principle applies to security online. There are unknown vulnerabilities that make it impossible for your to completely hack-proof your networks; but, if you make sure your perimeter and internal defenses are strong, hackers are likely to leave you alone and go looking for an easier target.
It’s often easier to explain cyber-security to people using such analogies, especially when you’re being grilled about the need for that new, expensive Intrusion Detection System. Here are some useful comparisons:
- Guardhouse at the entrance gate = Firewall with stateful packet inspection
- Burglar alarm = Intrusion Detection System (IDS)
- Security cameras = IDS sensor points
- Automatic lock-out/lock-in doors = Intrusion Prevention System controls
- Fire suppression system = Antivirus/Antimalware/Antispam
- Safe = Disk or file encryption technology
- Safe deposit box = Symmetric key encryption technology
- Locked mailbox with open slot = Public key encryption technology
The easiest analogies are the ones regarding encryption, of course. A safe requires a combination; decryption of a disk or file requires the passphrase. A safe deposit box requires that both you and the bank have a key; symmetric encryption requires that both ends have a key. A locked mailbox with an open slot means that anyone can put mail in, but only the person with the key can read the message; public key encryption allows anyone to encrypt the message, but only the holder of the private key can decrypt it.
The other analogies are more open to interpretation and undoubtedly opinions will differ.
What do you think? Have you ever used such analogies? Leave a comment with your favorite comparisons.