I recently read an article about a “good enough” network. I know this has come up in the past, but this time it was in a much different context. Some people might believe that a “good enough” network is enough when you are moving data and web servers, but what about when it becomes the lifeline for the power grid? It was a good article that you can find here: Smart grid security: Will ‘good enough’ be enough?
It goes on to say that we should assume that the network has already been compromised, because if someone really wants to get to you, they will. So how do we deal with advanced persistent threats when we are talking about keeping the lights on? There are too many endpoints and doors into a network that large to keep them all shut without isolating the entire network.
The key elements of any good design have to include redundancy and fault tolerance. Being able to keep the power flowing is crucial. And if you have enough visibility into your network that you can find the threat before or as it happens, it is easier to adjust and re-route the power. Also, as we move more towards a converged network once again, creating standards, much like the PCI DSS standards in retail, will be even more important.
At the end of the day, ‘good enough’ should be the best we can do, and from there, we need to continuously improve. We don’t want to be sitting in the dark one day saying “maybe that wasn’t good enough...” We need to continually improve the trust, visibility and resiliency of the network.