Not long ago I moved to a rural area with a decent-sized Amish population. I don’t grow crops outside of the family garden, manufacture products aside from hobbies, or have herd animals (although does having too many dogs count? Asking for a friend). Since people know I work from home, the question invariably arises: “So, what do you do?”
My response is always that I provide computer security support to a company in Kansas. Sometimes that leads to head-scratching — how do I work from home for a company over six hours away?
The Amish, who don’t have electricity or phones, have limited exposure to computers and what they do. It can be difficult finding a way to explain my job in terms that make sense.
While talking with a neighbor, Emmanuel, he tried to understand what “computer security” really meant. I looked across the way at his fences, which keep his cattle safe. Nearby were sheep, goats, and chickens — each in their own enclosure.
For most of us, a fence exists to keep our dog or kids in the backyard and out of the street. For the Amish, a secure fence is vital to their livelihood. If it breaks, animals can wander off or predators can get in, leading to serious financial loss. When my dog escaped once, I was annoyed, put on my shoes, and retrieved her from the neighbor’s yard. No real harm done.
For Emmanuel, the stakes were much higher.
Each herd served a specific purpose: sheep for wool, chickens for meat and eggs, cows for milk, goats to sell when they were old enough. Every group mattered.
That’s when the analogy clicked.
I explained that computer applications are like his herds. Each one delivers a specific outcome — word processing, communication, endpoint protection, security monitoring. And just like his animals, those systems are protected by fences designed to keep the good things in and the bad things out.
Part of Emmanuel’s job is to walk his fence regularly, checking on both the animals and the fence itself. Our job in cybersecurity is much the same.
Over time, holes inevitably develop.
For him, water can erode fence posts, cows may lean on them too hard, raccoons might dig underneath, or a goat might simply jump over. When I explained this, Emmanuel asked a natural follow-up question: How do computers develop holes?
The answer is familiar to anyone in security:
Applications ship with vulnerabilities
Software becomes outdated or unsupported
Unauthorized tools get installed
Someone clicks the “harmless” link an aunt sent in an email
Holes happen. In fences and in systems. What matters is how quickly we find them — and what we do next.
As Emmanuel walks his fence, he looks for loose posts, sagging wire, or signs of animals digging. When he finds a problem, he fixes it immediately — reinforcing posts, filling holes, or redirecting animals away from weak points.
Cybersecurity hygiene follows the same principle.
The best way to prevent a breach is to ensure there is no hole to exploit. Vendors release updates and patches constantly, and those patches must be deployed quickly and verified.
The 2017 WannaCry ransomware attack is a textbook example. Microsoft released a fix months before the attack, yet hundreds of thousands of systems remained unpatched. When the exploit was used, over 200,000 machines were compromised worldwide.
Deploying patches isn’t enough. We also need confirmation that they installed correctly.
Other foundational hygiene practices include:
Enforcing password complexity rules
Maintaining up-to-date anti-virus software
Updating outdated applications (especially browsers)
Blocking known vulnerable software
Conducting security awareness and internet safety training
Scheduling regular scans
Enabling host firewalls
Encrypting devices
Enforcing removable media policies
Defining and enforcing administrator access guidelines
Performing regular penetration testing
The list is long — and it should be. Security starts with consistently walking the fence and checking the herd.
Building a fence once and trusting it forever isn’t a strategy. Maintenance is.
Sometimes the holes are too large or too new to fix immediately. That’s why organizations also rely on teams and technology that monitor for indicators of compromise and respond when something slips through.
But that’s a story for another day.
Walking the fence is not a one-time task — it’s an operational discipline. Modern security depends on continuous validation that controls are present, active, and doing what they’re supposed to do across every endpoint.
That discipline is the foundation of resilient security operations — and it’s where real protection begins.
Foresite’s TANIUMaaS (Tanium-as-a-Service) delivers real-time endpoint visibility, continuous validation, and rapid remediation — operated by experienced security practitioners.