Anti-virus Approach Is Not Enough; We Need Default Deny Protection

2009-05-22by Melih Abdulhayoglu

In my last entry https://www.hostreview.com/icontent/the-blog/anti-virus-approach-not-enough I wrote about how we need to inoculate ourselves, our data, and our identities against the poisons of the online world. It makes no sense to use 20th century technology to protect our networks against 21st century threats. Here's how 21st-century protection works: First step: abandon the “default allow” paradigm now in place. Instead, work towards a “default deny” approach. What does this mean in general terms? It means that we need to become collectively more cautious about who can access our data and networks. Won't that slow things down? No! It will speed things up, for the people you want to stay in contact with. By maintaining an updated white-list, friendly forces can still reach you with ease. (e.g. your clients, your upper providers, your mother-in-law. Well, not all "friendly," but you get the drift.) The second key idea is that companies need to provide better, cheaper, and more robust security to clients. Sure, it may cost a little more to “go beyond” cookie-cutter antivirus software. But if networking companies don’t support one another and throw a security blanket over as much of the internet as possible, we are all going to be up the creek. Here is another way to think about it. Our society is a pretty open place, right? But the reason we can move freely is that we “look after one another.” We have agreed on a tacit series of principles and “lines in the sand” that keep everyone out of everyone else’s hair. Law enforcement officers can also “take down” criminals and generally deter people from violating our agreed-upon ethical standards. Online, things are different. Online, we don’t have a social or moral norm yet. The web is just too young and too roiling. So, as a result, bandits can operate “outside the law” (since there is no law). And until we set up the equivalent of an army or police force online to take these guys out, these metaphorical militia can wreak havoc. Enabling crosstalk among the good guys is a step in the right direction. But it’s only one of many steps needed! By operating out of a “default allow” posture, we enable this Wild West anarchic culture. And we also spend WAY more time and money responding to damage than we should. Here’s another analogy to chew on: imagine, for a minute, if we treated healthcare as “non-proactively” as we treat network security. What if we all waited until we got really sick before we ever went to see the doctor? And if we waited until our gums were bleeding and teeth falling out before we went to the dentist? Imagine our gruesome our hospitals’ emergency rooms would be! Imagine the lines at our dentist offices! It would be a national healthcare debacle. We need to focus on prevention. We need to educate people and business customers. We need to inoculate them. Give regular checkups and detect problems before they get bad. Recognize that if we fail to share information and common solutions, we ALL will go down with the ship when our networks crash and society comes screeching to a halt. Isn’t this taking our cyber threats a wee bit too seriously? Maybe. That’s what the “Default Allow” crowd might argue. But just because some crazy terrorist hasn’t yet pulled the Cyber Crime Of The Century shouldn’t help us sleep easier. Who knows, even now, the bad guys may be plotting… breathing down our necks... Getting closer…

news Buffer

Melih Abdulhayoglu

Melih Abdulhayoglu


Melih Abdulhayoglu created Comodo in 1998 with a bold vision of making the Trusted Internet a reality for all. His innovations have challenged some of the largest corporations and deeply entrenched business models to make the vision a reality, and his success has benefited the ecommerce industry, online businesses and users alike. Melih's pioneering business model has allowed him to provide the Comodo Firewall absolutely free, while continuing to grow revenue by over 30 percent, year over year. This innovative business model earned him Ernst & Young's Entrepreneur Of The Year® 2008 Award in the Information Technology Software Category for New Jersey.

Melih earned a BS in Electronic Engineering from Bradford University in 1991. During his tenure at Bradford, Melih was instrumental in creating new digital security technologies for large enterprises, computer manufacturers and governmental organizations worldwide. Using that experience and training, Melih established Comodo's core business building principle around the concept of Value Innovation - delivering solutions recognized for their technological innovation that has high value in the marketplace.

This intense focus on creating trust online has yielded such significant results that within just three years, Comodo has powered its way to the number two Certificate Authority position, controlling nearly one-third of all SSL certificates worldwide. Meanwhile, the company's award-winning, free firewall has become one of the most downloaded products in the world, protecting another PC every second of every day.

View Melih Abdulhayoglu`s profile for more

Leave a Comment