Ongoing Operations
Before Vineyard.NET, I had always handled the security of my own computer system with a few simple and reliable policies: don’t run any services that might be unsecure; don’t give out accounts to people you don’t know; and disconnect your computer from the Internet when you are not around. The monitoring that I did, insofar as I did any, was haphazard.
Clearly, those techniques would not work for a commercial service such as Vineyard.NET. Instead, I needed to design and deploy a system that could be readily maintained, defended, and scaled.
Security Concerns
From the start, Vineyard.NET’s security was one of my primary concerns. As the coauthor of several books on computer security, I knew any Internet service that I was involved with might be a target.
But there were other reasons that I was concerned about security. Vineyard.NET is a company that depended on computers that were connected to the Internet. If these computers were broken into and compromised, our reputation would be damaged, we would lose customers, and we would lose time required to put our systems back in order. We might lose so much in the way of customers, reputation, and time, that we might even go out of business.
Because of these problems, we followed a few simple rules for our system and networks: minimize our vulnerabilities and plan for break-ins.
Lesson: Don’t run programs with a history of security problems (e.g., sendmail).
From the beginning, we avoided running programs that had a history ...
Get Web Security and Commerce now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.