A Conversation with a 7 year old.
Dad, can you tell me what you do for work? I want to learn.
How is our computer safe?
Imagine our computer was our home. How do we protect our home?
Door & Window locks
Deadbolt and Camera Doorbell
Home security and monitoring to let someone know we are in trouble
But computers don't have doors or windows dad...
You're right! but they are protected in a similar way, you see...
Door & Window locks are like windows defender, it's great to keep people from walking in but if someone really wanted to get into the home they could.
So, we install deadbolts, doorbell camera, and privacy fence, these are like anti-virus and endpoint firewalls for your computer. Helps us keep unwanted guests from looking or getting into our home.
Even with all these things protecting us, if someone wanted to break in, they could. That's why we have a home security system. We call this Endpoint Detection & Response or EDR for short. It lets someone know the computer is in trouble and needs help! My team and I are the ones that come and help.
Is that all you do?
Well, no... You see our streets, our neighbors, and those businesses down the street? These things make up a community. Our neighbors do their part by having the same protections for their home as we do ours.
What about the streets? How do we keep them safe?
We hire police officers or start a neighborhood watch. Some communities have gates, security and walls around them to keep them safe.
What does all that have to do with computers?
Just like our neighborhood has multiple businesses, houses, and streets. Our networks are made of multiple servers, computers, routers, and switches.
We protect our computers with EDR, but how do we protect the network?
When the traffic sign (Router) sends someone into our community we stop them at a security checkpoint (Security Gateway). No one comes in without and invitation and we have large fences around the community to keep intruders out (Firewall).
These are wonderful things to have but what happens when someone in the neighborhood invites someone in thinking they're a new neighbor or the fence breaks down because there's so much upkeep and someone sneaks in.
We have police or security to get them out and keep us safe. In cybersecurity we call this Managed Detection & Response or MDR
So... We are safe right??
When we are at home? Yes, we are pretty safe and have a pretty low risk of something happening. Are we always at home though? No. We leave our community for groceries, traveling, or work. How do we stay safe out of our community?
We follow the rules of the road, park in lighted areas, don't talk to strangers, and lock our car doors. We enjoy the places we go but we always stay alert and tell a security guard or officer if we see something upsetting going on.
How do you protect people who aren't at their work?
Just like leaving our community it's always good to be cautious when on the internet. We keep people safe by keeping them out of bad places or stopping them from talking to strangers in their emails. We send a digital security guard with their laptop while they travel who's ready to protect that device and make sure an intruder doesn't come back to the community with it.
We also monitor and secure their "cloud." No, not the cloud in the sky this is where we use the computers of another community to store our belonging. We like to believe the other network is secure but as you've learned it takes a lot to do that. So, we give them a helping hand. We call this Extended Detection and Response or XDR for short.
Is there any other way to keep people safe?
Yes, a proactive approach to finding holes in the fences, making sure the community isn't inviting strangers, and testing everyone's locks, cameras and fences in our neighborhood
We call this "Penetration Testing" and "Vulnerability Scanning" we pretend to be the bad guys to make sure everyone responds how they should. Just like you practice fire drills at school, now go to bed.