Comments on: What were they thinking? http://snajsoft.com/2008/01/11/what-were-they-thinking/ Software Engineer > Security Officer > Security Architect Mon, 31 Oct 2011 09:00:30 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Peter Hillier http://snajsoft.com/2008/01/11/what-were-they-thinking/comment-page-1/#comment-10 Peter Hillier Tue, 26 Feb 2008 02:39:48 +0000 http://snajsoft.com/?p=59#comment-10 I wrote and published on this about two years ago. The article was again republished in the Taylor and Francis scholarly newsletter EDPACS and can be found at: http://www.informaworld.com/smpp/content~content=a788827974~db=all~jumptype=rss I wrote and published on this about two years ago. The article was again republished in the Taylor and Francis scholarly newsletter EDPACS and can be found at:

http://www.informaworld.com/smpp/content~content=a788827974~db=all~jumptype=rss

]]> By: Hamza Shin http://snajsoft.com/2008/01/11/what-were-they-thinking/comment-page-1/#comment-9 Hamza Shin Tue, 15 Jan 2008 02:38:33 +0000 http://snajsoft.com/?p=59#comment-9 Occasionally the business would choose the “path of least resistance” by merely seeking to fulfill whatever jurisdiction on security compliance, rather than addressing the real issue and providing true protection of data (well, we all know policy exceptions won’t enhance security). This potentially gives us a serious false sense of security, especially when an institution fails to monitor the aggregate risk that the business has accepted across the board, through meaningful measures. Hamza Occasionally the business would choose the “path of least resistance” by merely seeking to fulfill whatever jurisdiction on security compliance, rather than addressing the real issue and providing true protection of data (well, we all know policy exceptions won’t enhance security). This potentially gives us a serious false sense of security, especially when an institution fails to monitor the aggregate risk that the business has accepted across the board, through meaningful measures.

Hamza

]]> By: Vivek Khindria http://snajsoft.com/2008/01/11/what-were-they-thinking/comment-page-1/#comment-8 Vivek Khindria Mon, 14 Jan 2008 02:36:50 +0000 http://snajsoft.com/?p=59#comment-8 I agree with your sentiments. When the business is excluded from the dialogue about risks and only included in the financial discussion, guess what....No information life cycle management, and no business ownership of the data and the risks in how the data is being used, stored, shared, and disposed of. VK I agree with your sentiments. When the business is excluded from the dialogue about risks and only included in the financial discussion, guess what….No information life cycle management, and no business ownership of the data and the risks in how the data is being used, stored, shared, and disposed of.

VK

]]>