There is a corollary to Murphy’s Law called Hanlon’s Razor that goes as follows:
“Never attribute to malice that which can be adequately explained by stupidity, but don’t rule out malice.”
In the world of IT security, much risk and ultimately damage is caused by stupid in the form of ignorance or selfishness or just plain zero brainwave activity. Because nothing can render defenses useless faster than human stupidity.
So how do you stop stupid? It is not easy, because a quote by Friedrich Schiller says:
“Against stupidity, the gods themselves contend in vain.”
What is needed is something that is doggedly persistent and tireless in its defense against stupid. Something that never throws up its hands in the face of relentlessly repetitive stupid. Something that no matter how many times it must turn stupid away will do so with a singular purpose.
Triumfant resolution Manager does a great job of security configuration management. It will continuously enforce security policies and configurations, and when it sees non compliance it will automatically create a remediation to return the endpoint machine to compliance. It will also detect machines that have been changed in such a way that is anomalous to other like machines in the endpoint population, and based on how anomalous the change is, either create a remediation or alert the administrator.
In other words, Triumfant will stand tirelessly, continuously, and relentlessly against stupid. Every time a user sets his or her machine to a configuration or state that would create a vulnerability, Triumfant will set it back. If the user then changes the setting the next day, Triumfant will set it back. If the user disables their antivirus agent, Triumfant restores it.
No other tool that I know of is equipped to address the human element of security at the endpoint like Triumfant. The ability to continuously scan a machine and build a remediation on the fly is completely unique in the market and is uniquely capable to mitigate the effects of stupid. Given that there is no human intervention needed to remove the effects of stupid, your organization gets a solution that delivers with near zero human costs.
A loosely attributed quote from Einstein summed up stupid as follows:
“Only two things are infinite, the universe and human stupidity, and I’m not sure about the universe.”
But combining Triumfant’s configuration management capabilities to Triumfant’s ability to detect, analyze, and remediate a malicious attack without signatures and without human intervention, and you have a really powerful tool to add to your security strategy. It won’t completely mitigate stupid, but it will win one small skirmish in the war and dull the edge of Hanlon’s Razor.
Click here to subscribe
[...] this is just the kind of behavior that I pointed out in my recent post about “Stopping Stupid”. All of the security software, policies and configurations cannot protect against the human [...]
[...] we have also discussed the ability of Triumfant to protect the endpoint environment from acts of ignorance and incompetence by continuously enforcing security policies and configurations. But the protection of your [...]
[...] job of IT security difficult when users willingly walk into malicious activity. I use the term “Stopping Stupid” in a previous post, but if only one out of every eight people can spot a phishing site, then it [...]
[...] used Hanlon’s Razor in a post called “Stopping Stupid” regarding the role in continuous security configuration management in stopping the risk caused by [...]