Re: [fw-wiz] Managed Firewall Service - Opinions

From: Duncan Sharp (drsharp@pacbell.net)
Date: 04/18/03

  • Next message: Mark Teicher: "Re: [fw-wiz] commercial va" 
    From: Duncan Sharp <drsharp@pacbell.net>
To: "Melson, Paul" <PMelson@sequoianet.com>
Date: Thu, 17 Apr 2003 15:07:43 -0700

    "Melson, Paul" wrote:

    > To be fair, any security services company with a half-way decent legal department will require some level of disclaimer like this in their SLA, or any contract for that matter. You're asking too much if you want to pay a vendor $15K-$20K/yr and expect them to pay 10x to 100x that back if there's a security incident. I can't think of any industry where a vendor assumes that level of risk. That doesn't mean you can't still sue them, though, if you feel their was negligence or incompetence on their part.
    >

    Paul;

        I can think of at least two service areas:

            1: Rent-a-guards, where either the guards are bonded or
                the guard service is insured.

            2: Offsite tape {data,document} storage providers. Where the employees
                are bonded. Hopefully the company offers insurance as an option.

        It would seem to be prudent to offer some sort of performance penalty in
        the contract, than to leave the outsourcing company exposed to unlimited
        damages.

        In other words offer the customer upto 10x the yearly service fee in
        verified damages.

        One additional item of consideration of inhouse vs. outsource:

            If the inhouse employee(s) fail, I can feel the satisfaction of firing them.
            This best works for a "at will employee in the US".

            If the outsourcer fails, I can feel the satisfaction of [???? ???? ????].

    Yours,
    Duncan Sharp

    >
    > > -----Original Message-----
    > > From: Jeffery.Gieser@minnesotamutual.com@AICNOTES
    > > Sent: Thursday, April 17, 2003 11:39 AM
    > > To: firewall-wizards@honor.icsalabs.com
    > > Cc: Fiamingo, Frank
    > > Subject: Re: [fw-wiz] Managed Firewall Service - Opinions
    > >
    > [...snip...]
    > >
    > > 4. They usually force you to sign an agreement stating they are not
    > > resposible for any security incident at your site even if it results from a
    > > configuration mistake that they made on your firewall.
    > _______________________________________________
    > firewall-wizards mailing list
    > firewall-wizards@honor.icsalabs.com
    > http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Mark Teicher: "Re: [fw-wiz] commercial va"

    Relevant Pages

    • Re: How to Replicate NoEinsteins M-M Invalidation (is Copyrighted.)
      ... the explanations of Lorentz and FitzGerald that "all matter contracts ... But what if matter doesn't contract in the direction of motion? ... According to SR, matter doesn't contract. ... Dear Paul: As a new visitor to my posts, ...
      (sci.physics)
    • Re: late setting up Ltd company
      ... >> company account has been pretty dormant. ... I presume the contract has been assigned to the company name? ... > Paul Garbett ...
      (uk.consultants)
    • Re: 1985 Lawsuit
      ... In the late 1970's or early 1980's, Paul signed a lucrative recording ... contract with Capitol, the Beatles former company. ...
      (rec.music.beatles)
    • Re: Another catcher moving
      ... > contract for his client. ... Fuck Paul Lo Duca. ... Fuck him, and you can go shit in your hat too. ... That "did not look" excuse is used by pedophiles and pervs all the time. ...
      (alt.sports.baseball.bos-redsox)
    • Re: Universities pay dispute
      ... Don't be silly, Paul. ... mentality is already engendered when the initial contract is drawn ... Your contract of employment is not between yourself and "management", ...
      (uk.religion.christian)