funsec mailing list archives

Re: C-level execs ignorant of Web 2.0 dangers


From: Rich Kulawiec <rsk () gsp org>
Date: Fri, 29 May 2009 10:12:03 -0400

On Thu, May 28, 2009 at 10:25:00PM -0700, Tomas L. Byrnes wrote:
> What, exactly, is the benefit to a trading desk @ a hedge fund (the
> client in question) of allowing access to Facebook? Seriously, outside
> of sales and marketing, who needs Facebook @ work?

[...]

> So, the decision to not allow sites that are known security risks, and
> contribute nothing to the business, is a pretty easy one.

Were I running a network used by such an entity, I'd disallow ALL sites
by default and only permit traffic to/from those necessary for the conduct
of business.  That's draconian, but given the regulatory and security
issues in play, I think it's the only method that's got a chance.

---Rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

