It was a glorious midsummer weekend with tantalizing smells of barbecue in the air. Before hurrying over to our neighbor’s backyard for their annual summer picnic, I quickly put away the week’s groceries in the refrigerator. Haste makes waste, as the old saying goes, and before you could say “breach response,” a carton of eggs lay smashed and smeared on floor and fridge, with eggy footprints tracked all over the house, despite (or perhaps because of?) the kids’ and dog’s willingness to help. The happy bottom line: after a few hours of action with mop and bucket, cleaning rags and disinfectants, not only were the floors spotless, but on a whim we also decided to deep clean the fridge, a much-needed exercise. Old condiments were thrown away, the shelves neatly labeled and stacked.
Eliminate shadowed, redundant, and overly permissive rules
Those who have lived through a cyber security breach (the digital equivalent of a dozen cracked eggs) can recognize the patterns – the chaos that ensues in the immediate aftermath of breach detection, well-meaning but frantic remediation efforts that often compound the problem in the short term, and over time, the emergence of a tighter, cleaner, more wholesome security posture. Right now, the interior of my fridge reminds me of a fully optimized firewall rule set – gone are the shadowed, redundant, and overly permissive rules. Expired rules and orphan objects that are no longer tied to business logic or serve any useful purpose have been eliminated ruthlessly. That bottle of salad dressing that we once thought we couldn’t live without, but that has not graced a salad in years? It is gone forever, like that highly customized rule that the DevOps team needed for a few months to access a new server, and that nobody remembered to remove after the project was over.