Loading ...-
-
-
BlogInfoSec.com Sponsors
-
BlogInfoSec.com Partners
Tag Archives: Policies and Procedures
When Google is faster than your Security Procedure
October 2, 2007 – 6:00 am
–
The other day I found a security badge on the streets of NYC.
I made the honest attempt at calling the number on the back of the badge in order to return it to its rightful owner. Unfortunately, the number on the back of the badge was answered by an automated system that 1) did not [...] …
Circumventing Controls: Comply with one policy and break another….
August 31, 2007 – 6:00 am
–
When a fellow college alumni board member found out that she could not check her personal web based email because it was against company policy, she simply had the email sent to her work account (which probably violated a different policy). She wrote:
I’ve recently started a new position where…
Microsoft and The Ethics of Product Vulnerabilities
August 27, 2007 – 6:00 am
–
Steve Lipner of Microsoft writes in The Ethics of Perfection that there is a trade off between usability and security. It’s a classic debate and well known argument that tries to answer the question: “whether it was ethical for a company with billions of dollars in the bank to ship a…
Please Read: My Policy on Publishing Email Correspondence
August 21, 2007 – 6:00 am
–
The other weekend I had an interesting experience.
I always assumed that blogging is public and that any email correspondence between bloggers should be kept private — that’s why it’s sent via email and not posted on the blog! — unless one asks and is granted permission to…
Linus Torvalds: Security a matter of opinion