Friday, February 26, 2010

The power of the Off Switch: You'll never miss it until it's gone.

If you grew up a Star Trek fan, you've probably seen the episode where the computer runs amok, putting the whole ship into danger. The crew has to figure out some clever, complicated means to stop the computer and save the day: asking it to compute PI to the last digit.

If you were like me, you watched this and at some point asked "Don't they have an Off Switch for the blooming thing?" (At least in the movie 2001, they put a guillotine on the computer's power line.)

These memories came back to me recently when I read a stinging critique of the problems with the Toyota Prius and the fact that if it malfunctions, it doesn't have a proper Off Switch - just a button you have to hold down for three seconds (and hope the software bug doesn't make that malfunction). In the past, I'd seen similar criticisms of other devices, like the iPhone, but this is the most serious context for the criticism.

Bringing this into the context of security, I strongly believe being able to Prevent, Detect and Respond are the three pillars of any good plan. In the worst case, when you really lose control, Respond means being able to disconnect or turn off the device in question.

Well, without an Off Switch, you lose the ability to deal with this worse case scenario. With Prevent, Detect, Respond it is important not to put all your eggs in one basket, or, as not having an Off Switch points out, it's important not to remove all the eggs from a basket as well.

