Re: [fw-wiz] 2nd Life



On Fri, 9 Nov 2007, Steven Osman wrote:

Well, that's all true, and not to offend anyone on the list or anything,
but there's a reason that folks who are hired to do PR and marketing are
not the same folks who are hired to secure networks.

Yes, but from a security perspective you've always got to sort of balance
business growth with what's essentially a fiduciary responsibility to
protect the organization- lots of times from itself.

We're "reasonably" good at what we do, let's trust that other folks are
"reasonably" good at what they do, whether we understand it entirely or
not.

That doesn't mean we let them make strategic network decisions by blindly
allowing their choices.

It's always easier to just say no to everything, but then nothing gets
done.

Not much gets compromised either.

A good security practitioner should be able to bring a business case along
with the security case. Not saying "no" might make you popular
internally, but security isn't about popularity, and like it or not for
almost all cases the less you let in, the less risk you assume- so letting
more and newer things in _should_ be an uphill battle.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul@xxxxxxxxxxxx which may have no basis whatsoever in fact."
http://www.fluiditgroup.com/blog/pdr/

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


