Policies in Wonderland

--Originally published at (Not so) Random talk

Let’s play, let’s play, with allegories and fantasies.

Let’s play, let’s learn, about security policies.

The company becomes a kingdom,

The CEO becomes the queen.

Gif from: http://makeagif.com/3i8T6n

But being who I am,

But being who you are

It can’t be any kingdom

And now you are in Wonderland.


“Off with the head!”

“Off with the head!”

Yells the Red Queen

For now you are under her rules.

You fell into the Rabbit Hole

You fell into Wonderland

And having been unannounced

The Queen seems to think the policies you’ve broken.


“The policies have not been broken”

“The policies have not been written”

“The policies are not even known”, is what you say

So you saved your neck for now.

Think the policies,

Write the policies,

And if the Queen is happy,

Your head shall go home on your shoulders.

Days and days you think,

Days and days you write,

For the policies that won’t be over specific,

And that will pass the test of time.

Security advice must be given,

Security protocols must be covered,

You think of common practices,

But without copying them for this are just for Wonderland.


Three common policies are known to you,

Three common policies are written.

Information, Privacy and Acceptable Use policies

For Wonderland are clearly written now.

The White Rabbit has taken them,

The White Rabbit will read them to the kingdom,

His trumpet will sound, and so he will say

“Hear all, hear all, the new policies are here”.


The Information policy designates

Who is responsible for information security matters,

The Information policy describes,

The role each member of the kingdom will play in information security.

The Queen is the authority in the creation of security standards,

The Queen is the authority for incident response,

But not it won’t

Continue reading "Policies in Wonderland"

The three “knights” of the Internet

--Originally published at (Not so) Random talk

Come children and listen to this story.

Once there was a kingdom. All kingdoms have something that  makes them special. Some have a fair princess, other brave knights, or others are cursed by an evil witch. What made this kingdom special, was the amount of information it had about the world in it’s huge library. And not just about the world, but of all the people that lived or even visited this place.

Picture by dilettantiquity hosted at Flickr. License of CC: https://creativecommons.org/licenses/by-sa/2.0/legalcode Thi picture was not modified in any way.

And as in all stories, something bad must happen. Some people say that knowledge is power, and maybe that’s the reason why bad things started happening in the kingdom. Sometimes it were small things that were annoyi, like not finding information, it being in use or reserved always or simply not there because it was taken for long periods of time. Some other times the information was overwritten, making people believe things that were not true and causing confusion. And sometimes, the information was made to extorsion or hurt them.

Trying to act quickly to prevent the chaos, the king called forward three knights to protect information: Cooney, Inbern and Avery. The first knight, would safeguard the personal information of the kingdom’s citizen’s and the travelers, so it wouldn’t be used with bad purposes again, by making only authorized people able to look at this info. The second, Inbern, was assigned to check and protect the books in the way that no one without the ones with the permissions to do so could change their content. And last but not least, Avery was assigned to make public data available, managing it and preventing it’s loss.

Found at https://giphy.com/gifs/if-youre-reading-this-its-too-late-g7nT5NAPosaxq

I think that’s enouh story for today, though

Continue reading "The three “knights” of the Internet"