"I often ask, 'Everyone in the audience who thinks they're going
to be using the same word processor in ten years, raise your
hand.' No hands go up. 'Everyone who has data around that's
going to have value in ten years?' After a minute's thought,
every hand goes up. The lesson is clear: information outlives
- Tim Bray
Identify your assets and risksComputing environments vary enormously in how they are used, how well they are built, and how much they cost to maintain. If you can estimate the value, operating costs, and risks within your environment, you can prioritize the areas which would benefit most from attention. This is an important exercise because it gives you the means to compare your environment before and after a proposed improvement. That's because even though total risk is hard to estimate, you can track component risks directly, and therefore show the value to your organization of a given improvement. Build systems against a modelSystems are essentially characterized by two factors: design and implementation. All system issues become much easier if you can separately reason about each factor. Therefore, never build systems by hand, even experimentally. Instead, invest in an automated system configuration tool which builds each system from a specified model and a library of components. Then you can independently evolve the model to suit your requirements, while applying security patches to just one set of components. As a bonus, any system which fails can be identically replaced with zero configuration effort. Monitor your systemsAutomatically scan your network for policy compliance and vulnerabilities. In the best of worlds, this will simply verify that your systems were configured correctly. Sometimes, however, it will reveal problems that had not been foreseen at configuration time. It's also the fastest way to catch emerging problems and detect incidents in their early stages. Stay informedIt's ironic that although computer systems are purely human artifacts, we no longer completely understand how they work. Their emergent properties are just as important as the properties intended in their design. Your technical staff needs encouragement to develop the habit of thinking about system design as set against the evolving landscape of products and vulnerabilities. Make sure also that you have clear security policies which are understood and supported by everyone in your organization.