RE: CRIME Computers vulnerable at Oregon department

From: alan (alan@private)
Date: Mon Sep 23 2002 - 12:24:35 PDT

  • Next message: Andrew Plato: "RE: CRIME Computers vulnerable at Oregon department"

    On Mon, 23 Sep 2002, Andrew Plato wrote:
    
    > This is a sad story because I would bet that a lot of these issues could 
    > be cleared up with some basic security improvements. In my travels 
    > around the server rooms of some of the Pacific Northwest's and 
    > California's largest employers and state agencies, I've come to realize 
    > that security is still very weak. Some basic things, like developing a 
    > security policy, are totally non-existent. 
    
    Don't just think that it is a monitary issue. Companies spend money on all 
    sorts of things they don't need or don't know how to use properly (like 
    Oracle) that cost them big bucks.
    
    Securing a network is often a big political issue.
    
    You have to be able to say NO to a bunch of people who want no 
    restrictions whatsoever.  And those people have more pull than the IS 
    department.
    
    Management says they want security, but they don't want to have to do 
    anything different to make it happen.
    
    Because computers are magic.
    



    This archive was generated by hypermail 2b30 : Mon Sep 23 2002 - 21:24:30 PDT