Security Basics mailing list archives
Re: Hosting
From: pablo gietz <pablo.gietz () nuevobersa com ar>
Date: Thu, 31 Jul 2003 14:45:54 -0300
David I totally agree with your concept. ! Thanks to all who has responded.! David Gillett wrote:
Outsourcing is a good strategy for businesses with lots of cash (...) to consider as an alternative to developing in-house expertise in areas that lie away from their "core competencies". I don't think it's a big stretch, though, to recognize that Security and Trust are, or should be, a bank's core competencies. The entire banking system only works because most of the people believe it can be trusted. As a general rule, I think security is a very poor choice of function to outsource. For a *bank*, I think it's just WRONG. David Gillett-----Original Message----- From: Meritt James [mailto:meritt_james () bah com] Sent: July 31, 2003 06:16 To: pablo gietz Cc: simon () snosoft com; security-basics () securityfocus com Subject: Re: Hosting A bank is outsourcing? yeah..... There may well be privacy and treasury guidance that restricts what they can do. I recommend checking. Jim pablo gietz wrote:Sr. I am the Security administrator of “that” Bank, and the "management" wants to give hosting to some ISP (friend of them), and I think our security is better than they offer. I'm looking forarguments to rebatetheir posture or to demand proves to the IPS about thesecurity they areoffering. SMBE (sorry my bad English) ATD wrote:Pablo, The hosting for the banks systems depends on thebank. Most banks usetheir own networks, which might I add are very insecure(yes speakingfrom expereince.) The networks often consist of commercialoperatingsystems that are not up to par with the latest patches, as well as administrators that are drowning in policies. (the biggerbanks). Whydon't we hear about them getting hacked more often? Well,that would bebad publicity now wouldn't it? Are you looking to have your network hosted or areyou looking intobuilding secure banking networks? On Tue, 2003-07-29 at 16:20, pablo gietz wrote:Hi all What are the usual terms and condition about security aBank may requireto a hosting company? Legal aspect, security, availability, confidentiality,any interestinglink?. It’s better to have the hosting into de company or out ? Thanks -- Pablo A. C. Gietz Jefe de Seguridad Informática Nuevo Banco de Entre RÃos S.A. Te.: 0343 - 4201351 La información y archivos contenidos en este mensaje sonconfidenciales y para utilización exclusiva de los destinatarios consignados. Si Usted no reviste ese carácter, no se encuentra autorizado para divulgar, copiar,distribuir o retener todo o parte de la informacion y archivos, y deberá notificarlo de inmediato al remitente y eliminarlo de su sistema. Muchas gracias.--------------------------------------------------------------------------------------------------------------------------------------------------------- Pablo A. C. Gietz Jefe de Seguridad Informática Nuevo Banco de Entre Ríos S.A. Te.: 0343 - 4201351 La información y archivos contenidos en este mensaje sonconfidenciales y para utilización exclusiva de los destinatarios consignados. Si Usted no reviste ese carácter, no se encuentra autorizado para divulgar, copiar,distribuir o retener todo o parte de la informacion y archivos, y deberá notificarlo de inmediato al remitente y eliminarlo de su sistema. Muchas gracias.-------------------------------------------------------------- ------------- -------------------------------------------------------------- -------------- -- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566 -------------------------------------------------------------- ------------- -------------------------------------------------------------- ----------------------------------------------------------------------------------------- ----------------------------------------------------------------------------
-- Pablo A. C. Gietz Jefe de Seguridad Informática Nuevo Banco de Entre Ríos S.A. Te.: 0343 - 4201351 La información y archivos contenidos en este mensaje son confidenciales y para utilización exclusiva de los destinatarios consignados. Si Usted no reviste ese carácter, no se encuentra autorizado para divulgar, copiar,distribuir o retener todo o parte de la informacion y archivos, y deberá notificarlo de inmediato al remitente y eliminarlo de su sistema. Muchas gracias. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Hosting pablo gietz (Jul 29)
- Re: Hosting Scott M. Algatt (Jul 30)
- Re: Hosting Adam Newhard (Jul 30)
- Re: Hosting ATD (Jul 30)
- Re: Hosting pablo gietz (Jul 30)
- Re: Hosting Meritt James (Jul 31)
- RE: Hosting David Gillett (Jul 31)
- Re: Hosting pablo gietz (Jul 31)
- Re: Hosting pablo gietz (Jul 30)
- <Possible follow-ups>
- Re: Hosting KoRe MeLtDoWn (Jul 30)