[clue] Securing data in transit/at rest.
Andrew Diederich
andrewdied at gmail.com
Mon Nov 10 20:33:38 MST 2014
On Mon, Nov 10, 2014 at 8:19 PM, David L. Anselmi <anselmi at anselmi.us>
wrote:
> Aaron D. Johnson wrote:
> > David L. Anselmi writes:
>
> <snip>
>
> > Perhaps that's what your security guys are after. Perhaps not. Hard
> > to say unless their policy docs have a rationale statement for each
> > policy. Heck, _they_ probably don't know themselves. :)
>
> Yes, so that's my complaint. Their policy is that files must be encrypted
> before sending via SFTP.
> But there's no rationale and if I pin them down I'd bet the answer is
> they don't know. Or they'll
> agree but stick to their policy because "more is better" or "it can't
> hurt".
Well, it doesn't hurt them if it comes out of /your/ budget. How about
theirs? Sometimes I just ask them to prioritize the list, and sometimes I
offer trades. "I have time to either implement this requirement which is
silly and you don't know why we do it, or do this other one that you really
want. Which would you like?" The real trick is to offer them something in
return you want to do anyway. Muhahahaha!
--
Andrew Diederich
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cluedenver.org/pipermail/clue/attachments/20141110/97681c08/attachment.html
More information about the clue
mailing list