bloomberg on supermicro: sky is falling

• Previous message (by thread): bloomberg on supermicro: sky is falling
• Next message (by thread): bloomberg on supermicro: sky is falling
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Important distinction; You fire any contractor who does it *repeatedly* after communicating the requirements for securing your data. 

Zero-tolerance for genuine mistakes (we all make them) just leads to high contractor turnaround and no conceivable security improvement; A a rotating door of mediocre contractors is a much larger attack surface than a small set of contractors you actively work with to improve security. 

~ a

On Mon, Oct 8, 2018, at 4:53 AM, Naslund, Steve wrote:
> You just need to fire any contractor that allows a server with sensitive 
> data out to an unknown address on the Internet.  Security 101.
> 
> Steven Naslund
> 
> >From: Eric Kuhnke <eric.kuhnke at gmail.com>
> >
>  >many contractors *do* have sensitive data on their networks with a 
> gateway out to the public Internet. 
> >----------------------------------------
> >
> >I could definitely imagine that happening.
> >
> >scott

• Previous message (by thread): bloomberg on supermicro: sky is falling
• Next message (by thread): bloomberg on supermicro: sky is falling
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]