Seven Tenets of Good Security

Marcus Ranum and Fred Avolio
circa 1993

Minimalism. Simple is better than complex. This pertains to the methods and mechanisms used to implement security, the way a device is managed and used, and the network security paradigm embraced by a network security policy. There are two basic paradigms: Mimimalism supports the second.

Reductionism. Simplicity is important with software as well. Security and complexity are often inversely proportional.

Restriction No users. Nearly all security breaches are caused by someone compromising a user account.

Auditability. A security device should be configured to gather as much data as is possible. It is easier to compress, consolidate, summarize, and delete log information, than it is to capture extra information on an event that happened yesterday.

Accountability. User identification is vitally important if users are to be allowed to use security systems.

Configurability. A security device is one of the methods and mechanisms used to implement a security policy. A security policy is based on input from a risk assessment and a business needs analysis. A security device should not impose rules of its own but be configurable to implement an organization’s security policy. It must also be flexible to change as the organization’s security policy changes.

Examinability. The methods and algorithms used to implement security should be implemented as a crystal box.