I returned from the Wellington DevOps meetup a few minutes ago to find Vice.com’s post on Hacking Monitors had been slashdotted. Tom Eastman talked about appropriate security architecture for the internet of things at the meetup. I won’t scoop Tom’s entire talk before ScaleConf NZ, but I will repeat that automating an exhaustive, meticulous, and secure server-build-and-patch process is easier than doing the minimum. Set out from the beginning with the idea that you’re going to deploy a server on a hostile network, with clueless and sometimes hostile people in physical possession of the hardware. After you’re done freaking out, encrypt everything and make sure your remote deployment pipeline is secure and fool-resistant. As is the theme on my blog, exhaustive planning and design saves time and delivers superior results.
RSS - Posts
Be the first to comment.