Security Basics mailing list archives
RE: A reminder that security is not inherently solvable with tec hnology
From: "Parisi, Robert" <Robert.Parisi () AIG com>
Date: Fri, 7 Nov 2003 12:13:18 -0500
very good point-i dont think that outsource/inhouse, local vs foreign are issues that can be viewed in isolation. The truism that is the subject header cannot be overstated--how many rely upon "robust and complex" password protocols only to have it thwarted by social engineering or the dreaded hand written post-it note. security needs to be baked into not just the technology and applications but into management's consciousness and then user community at large. -----Original Message----- From: salgak () speakeasy net [mailto:salgak () speakeasy net] Sent: Friday, October 24, 2003 1:05 PM To: Tsai Li Ming; security-basics () securityfocus com Subject: Re: A reminder that security is not inherently solvable with technology
-----Original Message----- From: Tsai Li Ming [mailto:mailinglist () ltsai com] Sent: Friday, October 24, 2003 08:25 AM To: security-basics () securityfocus com Subject: RE: A reminder that security is not inherently solvable with
technology
I would like to point out another side of the story. I would agree that privilege information shouldn't be outsourced. It shouldn't even be outsourced to another company, whether local or overseas. On the other
hand,
we should bear in mind that off shoring a job does not necessary mean that it is less secure. A disgruntled local employee could do the same thing. What makes a local employee more trustworthy than an offshore worker?
Only the fact that it is easier to observe the actions of a local employee. . .
You can have the best security in place but it can be compromised by a single employee. Can we ever replace trust with technology?
Only when we physically get wired up. . . and frankly, I'm not letting my employer OR my government control my brain. . . --------------------------------------------------------------------------- Visual & Easy-to-use are not words that you think of when talking about network analyzers. Are you sick of the three window text decodes? Download ClearSight Network's Analyzer and see a new network analysis tool that makes the complex - easy http://www.securityfocus.com/sponsor/ClearSightNetworks_security-basics_0310 21 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- RE: A reminder that security is not inherently solvable with tec hnology Parisi, Robert (Nov 07)