When it comes to technologies that directly affect information security, how do you determine when it is better to use an automatic option instead of a manual option, and vice versa? I already feel uncomfortable letting my browser remember my passwords and letting my OS install updates automatically.
Asked
Active
Viewed 146 times
2 Answers
1
Things that improve security should be automatic, exceptions to security policy should be manual.
So updates probably should be automatic, unless there is a history of faulty updates. Adding firewall exceptions should probably be manual.
Of course, that's from a security perspective. There may be competing concerns which might warrant decreasing your operational security. But you should know when you're making such a tradeoff.
tylerl
- 82,225
- 25
- 148
- 226
0
If you can't trust your browser with your password then don't. Try to find a tools that are better suited to the task. You can manually store the most important passwords but not to an extent where it becomes a burden. When manually storing passwords become a burden you are more likely to make mistakes and affects accessibility.
Change the source of your OS updates if you find the current source compromised. It makes sense to outsource checking of updates that have such a big effect on security of your system. I'm not sure in which level you would be checking your updates anyway. Checking source code of each update would take all your time. Trust on others to check your updates and you may as well let them decide your automatic updates.
Use tools and sources that you can trust. Choose carefully what is worth doing manually. Doing everything manually becomes a burden and people with too much burden make mistakes.
Mikuz
- 101
- 2