Security:Sometimes less is more

By mian,on April 18th,2011%

I am a security architect. My job is not to provide the best in class security,just in case you didn’t get it,MY JOB IS NOT TO PROVIDE BEST IN CLASS SECURITY. I strive to provide the RIGHT LEVEL of security based on the risk,always taking into account the usability and cost of the solution I am recommending. There is a reason why enterprise architects and people who run the business and pay the bills sometimes hate the security types. More often than not,we try to recommend super duper secure solutions which cost a fortune and are mostly unusable. We love 8…oops is it 12 or 16 characters now passwords with alphanumeric,upper case,lower case characters. Doesn’t matter if nobody,includng us could remember them;and we want them to change those every other week ?. We love to spread fear and create confusion. My brother called me last night asking what can he do to protect his social security number;some security type had told him that last year 5 million identities were stolen in USA alone. Who comes up with these absurd numbers ?

On a serious note,when . . . →Read More:Security:Sometimes less is more

One comment   Security Architecture

Categories

Archives

A sample text widget

Etiam pulvinar consectetur dolor sed malesuada. Ut convallis euismod dolor nec pretium. Nunc ut tristique massa.

Nam sodales mi vitae dolor ullamcorper et vulputate enim accumsan. Morbi orci magna,tincidunt vitae molestie nec,molestie at mi. Nulla nulla lorem,suscipit in posuere in,interdum non magna.