At 09:42 AM 21/02/97 -0500, K.M. wrote:
>Am I the only one who thinks it's amazingly naive to trust the vendor's word
>alone on whether the security features on a mission-critical item like a
>firewall work correctly?
No you're not, but....
>And am I also the only one who thinks if someone really thinks their
network is
>worth protecting that skimping by a few thousand dollars on what they pay
for a
>firewall to get one with assurance that is independently verified is penny
>wise/pound foolish?
No you're not, but ...
>Am I also the only one who thinks organisations as short-sighted as that
deserve
>any network penetrations and destruction of critical data that are visited
upon
>them?
No, you're not, but .....
>
>KM
>
>Who can't believe a company would worry about the $5,000-10,000 difference
>between some cheapo firewall and one with independently-proven security
>assurance. Sheesh. It's not like you're buying thousands of them.
Anton Aylward
Who can't believe a manager would take the attitude that because the system
can't be made 100% secure under all conditions for a reasonable price its not
worth even trying.
How about we swap incredulity lists out of band?
/anton
--------------------------------------------------------------------------
Anton J Aylward | Security is not something that comes in
The Strahn & Strachan Group Inc | a self-contained box. It is an attribute
Information Security Consultants | of how you do business and as such
Voice: (416) 494-8661 | needs to be managed carefully.
Fax: (416) 494-8803 | - Karen Goertzel, Wang Federal Inc.
Follow-Ups:
|
|
