Sidebar re idiots (was Firewall administration)

[David Collier-Brown <davecb () canada sun com>]

Bennett Todd wrote:
> > [ lots of interesting ideas, most of which I happily agree with, and then: ]
> >       From the security officer's point of view, there are two
> >       enemies: the attacker and his own management.
>
> This statement I can't agree with. In my experience to date, my management has
> never been out to actively sabotage the organization; they've been trying to
> set appropriate policy, and just sometimes need some instruction in security
> issues. I give them the right info and they make good decision. Sometimes they
> even surprise me with better security policy decisions than I could come up
> with.

        Those are the good companies.
        I'm posting from one of them... I prefer to work for them.
Alas, they're in a minority, and even the best ones have pockets of
non-brilliance.
        A former employer's security officers in country X were
breaking into private accounts in countrys X, U and C to attack
one of their sites in country C.  UUNET has the logs...

--dave (that's why they'e former employers) c-b
[ps: I'm getting off-topic]
-- 
David Collier-Brown,  | Always do right. This will gratify some people
185 Ellerslie Ave.,   | and astonish the rest.        -- Mark Twain
Willowdale, Ontario   | davecb () hobbes ss org, canada.sun.com
M2N 1Y3. 416-223-8968 | http://java.science.yorku.ca/~davecb