Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Managed Firewall Service - Opinions

From: Mike Hoskins <mike () adept org>
Date: Fri, 18 Apr 2003 14:01:57 -0700 (PDT)
On Fri, 18 Apr 2003, R. DuFresne wrote:

Which raises a question also;  if the employer pays for you to get
certified, and many do, then where do the loyalties of the certified
professional lay?  <see below>


Another good question.  :)  I hate cross-boundary analogies, but a similar
question could be raised wrt medical workers.  Do they stay loyal to their
doctorate oaths, or to the institutions paying their sallaries?  One
certainly hopes the prior loyalty overrides the latter's monetary
motivation.  (It seems to.)


We found this to be based more upon the corporate climate then an
adherence to an ethical standing based upon principals equated to a
certifying authority.


Fair enough...


How many MSSP's actually proclaim they will not allow a *paying* client to
shoot themselves in the foot though?  Are there known instances from the
group that have gone the outsourced route whence the MSSP refused to
impliment a policy change that was requested from authorized personnel
for the client?  The question might well arise about who is actually in
control of the managed service...the payee or the payor?


I think what you want (or what you should look for in a MSSP) is a
provider that has staff both smart[1] and 'ethical' (professional ethics,
or a corporate climate promoting 'good' practice) enough that they will
view any requested changes with a technically critical eye.  Then they can
present you with possible problems raised by the requested config change
and potential workarounds.  Of course if you say you want the change made
no matter what...  They should make the change.  It is your system,
and 'the customer is always right'.  Then the contract should certainly
dictate that the responsibility for any changes made despite the
provider's contrary professional advice lies soley with the client.

Of course this is all just my opinion, or the way I'd like to think MSSP's
work (or try to work) in the real world.  That and a few cents probably
won't even buy a cup of coffee in today's economy.

-mrh

[1] If only 'smart' and 'ethical' always went together.

--
From: "Spam Catcher" <spam-catcher () adept org>
To: spam-catcher () adept org

Don't send email to the address listed here or you will be added
to a blacklist!  It is a TRAP for address harvesters.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: