It’s not old security, it’s vintage!

Hi folks,

The other day I was digging through some old family papers and I found something interesting. No, no unknown fortune or half-sibling nobody talks about – I found out I’m unwittingly carrying on a family legacy. A legacy of security nerds.

085bc035fefbd02134c97215035af3618fd739be0f5688d45a74f651a23ba5b9

My granddad worked for the Army for decades. During the Vietnam era, he developed counter-guerilla technology and later got into computers. I knew that, but what I didn’t know was that towards the end of the 70s, he got into information security. And in 1978, he wrote this paper on secure computer facilities:

Computer Facility Security – 1978

I’m not clear on why he wrote it, but I definitely dig the graphic on the last page. And there are two lessons I took away from it:

  • Learn from other fields of study. The original Rex had spent decades focused on physical security for both military and civilian environments. The lessons he learned in those fields helped inform his efforts in information security. We have the same opportunity today to apply lessons and knowledge from other fields – psychology, warfare, accounting – to what we do in information security.
  • Security is a long-term problem. If you read the paper, O.G. Rex was talking about many of the same issues that consume us today; environmental security, insider threats, access controls, etc. Nearly 40 years have passed since he wrote this paper. We’ve had some of the best and brightest minds in the world working on making technology more secure, but it still has a long way to go. We live in a world that increasingly values instant gratification, but we’re not going to get it in our field. Our victories are small, incremental and sporadic, but we can’t give up. We need to be patient and continue to fight the good fight.

Not a bad yield for digging through some old papers.

Rex