The Doggie Door of Information Security

Police have warned Los Angeles residences of an increase in reports of thieves breaking into a home through doggie doors.

Doggie doors are a hole cut in a door or wall to allow pets unrestricted ingress/egress.

picture used under creative commons

Pet/Dog doors for larger pets can be big enough for a person to climb through.   Even smaller pet doors allow someone to reach through and unlock the door.   Many owners are unaware of the security risk or they overlook the security risk.   Its like the key hidden outside your home.   (“I’m not putting the key under the mat or over the door frame.   I’m being clever using a fake rock!  Who would think to check that!” )

How many things in computer security are like this?   The unlocked second floor window.    The hidden key.   The key given to the neighbors who also have a criminal teenager.

What comes to mind first is system interconnection.   You want all remote connections to knock on the door and use a key.   But then you set add an external entity to your MPLS because they are going be handling some outsourced servers.

That’s a bit more literal.   There are many things we do on a day-to-day basis as users that we know are insecure but we pretend they aren’t.   Share USBs, click on links in emails.   Blindly open attachments.

Until someone breaks into your house through the dog door, you’re likely to think you live in a safe neighborhood and it couldn’t happen to you.   On the Internet, there is no safe neighborhood so it is important to not engage in head-in-the-sand security.