IT security people sleep well

• Previous message (by thread): IT security people sleep well
• Next message (by thread): IT security people sleep well
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 07 Jun 2004 20:46:36 CDT, Stephen Sprunk said:

> In spite of all that, I do encourage using SSH whenever possible, but
> believing there is no cost associated with doing so is foolhardy.  Depending
> on the perceived level of threat, one might consider other security projects
> to be a higher priority.  We all have to deal with limited funding and
> staffing for projects, even for critical functions like security.

Amen to that.  It's the rare shop indeed that internal security projects are
high priority - are there *any* shops where "track down user XYZ and smack
them upside the head *again*" isn't the most pressing issue, with "Find a way
to muzzle XYZ so they can't click on it *again*" is number 2?

(I suspect the two categories of shops are "Yes, *again*", and "Usage of
live ammo is a realistic option"... ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20040607/4b8c49e3/attachment.sig>

• Previous message (by thread): IT security people sleep well
• Next message (by thread): IT security people sleep well
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]