EP 107: SDP 6: Fail-safe Defaults
yourcyberpath.com/podcast

About EP 107: SDP 6: Fail-safe Defaults

Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, LLC, and Jason Dion, former College Professor and Lead Instructor at Dion Training Solutions.

In this episode, we go back to the Security Design Principles series. This time we are discussing Failsafe Defaults.

Failsafe defaults simply means that the default condition of a system should always be to deny.

An example of a failsafe default is the security reference monitor (SRM) that has been implemented in Windows operating systems since Windows NT. The SRM prevents access to any actions like logging on, accessing a file, or printing something unless the user presents a token to prove that they should have access to a file or an action.

There will always be two choices for failsafe defaults – to fail close or to fail open. The DoD and government organization side will tend toward using the fail close option, while the commercial and more streamlined companies will definitely prefer to fail open.
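The default-deny rule and the fail close versus fail open choice described above, as an added example that is not from the episode or its hosts. The policy table, token strings and function names are all constructed for illustration.

```python
from enum import Enum

class FailMode(Enum):
    CLOSED = "closed"  # deny when the access check itself cannot complete
    OPEN = "open"      # allow when the access check itself cannot complete

# Constructed sample policy: the only (token, action) pairs that are granted.
POLICY = {
    ("token-alice", "read:report"),
    ("token-alice", "print:report"),
    ("token-bob", "read:report"),
}

def lookup(token, action):
    """Normal policy lookup: True only for an explicit grant."""
    return (token, action) in POLICY

def unavailable_lookup(token, action):
    """Stands in for a policy store that cannot be reached."""
    raise ConnectionError("policy store unavailable")

def authorize(token, action, lookup_fn=lookup, fail_mode=FailMode.CLOSED):
    """Return (allowed, reason); access needs an explicit grant unless fail-open applies."""
    if not token:
        return False, "no token presented"
    try:
        granted = lookup_fn(token, action)
    except Exception as exc:
        # The check failed; the configured fail mode decides the outcome.
        if fail_mode is FailMode.OPEN:
            return True, f"fail-open: {exc}"
        return False, f"fail-closed: {exc}"
    if granted is True:  # None, "yes", 1 and other non-answers do not grant
        return True, "explicit grant"
    return False, "default deny"

if __name__ == "__main__":
    cases = [
        ("token-alice", "print:report", lookup, FailMode.CLOSED),
        ("token-bob", "print:report", lookup, FailMode.CLOSED),
        (None, "read:report", lookup, FailMode.CLOSED),
        ("token-unknown", "read:report", unavailable_lookup, FailMode.CLOSED),
        ("token-unknown", "read:report", unavailable_lookup, FailMode.OPEN),
    ]
    for token, action, fn, mode in cases:
        print(token, action, mode.value, authorize(token, action, fn, mode))
```

The last two cases differ only in the fail mode: with the policy store down, fail close turns away a token that has no grant, while fail open lets the same request through.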

There will always be this challenge between security and operations. More security means less operations and more inconveniences while prioritizing operations means that security will not be the best. It all depends on your organization and its goals.

Understanding failsafe defaults and other security design principles will help you become a better analyst and produce more secure, robust, and functional systems.

What You’ll Learn

  • What are Failsafe Defaults?
  • What are some examples of Failsafe Defaults?
  • What is the Security Reference Monitor?
  • What is the difference between failing close and failing open?


26:55



We help people like you transform into cybersecurity professionals by teaching them the proven methods we've used ourselves. We share our best tips, tricks, and stories by email.
Subscribe to our Mentor Notes for free today to stay in the know

We started the Your Cyber Path podcast with a clear mission in mind.

That mission is to help close the cybersecurity skills gap by helping you land your dream cybersecurity job, even if you have been rejected previously. Our commitment to you is that if you follow our guidance, take the hiring process seriously, and make it a priority in your life, we will do everything we can to help you succeed.

Your dream cybersecurity job is not a fantasy. There’s a position out there unfilled and waiting for you right now.

Are you ready to embark on Your Cyber Path and take that position?



Reaching over from the other side of the hiring desk,

Kip Boyle, vCISO with Cyber Risk Opportunities, LLC, and Jason Dion, Lead Instructor with Dion Training Solutions

