Some commercial sectors, such as financial services, have stopped using FTP to transfer files because of security concerns
Really? What could those have been?
It’s “not fair” to require employees to encrypt files when they don’t have easy tools to do so, Elgamal said.
Fair enough. But I’m a bit upset that our tax dollars are being spent with such disregard for the data these groups need to protect.
We’ve gotten to a point here at Redux where we are pushing everything via SSL, regardless as to whether it is tunneled via IPSec VPN. I like how wellsfargo.com immediately redirects you to https://www.wellsfargo.com. To me that says they take security seriously.
The vast majority of people are actually good people,” Elgamal said. “What they want to do is get the job done. An employee, if you tell them to do something, is just going to get it done. If you don’t provide them the right tools, they’re still going to get it done.”
The problem stems from lazy IT/IS departments and policy controls. I spend part of my day as a System Engineer on a variety of levels, and I consistently remind myself to do it right from the beginning, otherwise it will never be done correctly.
For fellow Systems folks performing civil service responsibilities, do it right the first time. Everything after that will be so much easier.
This entry was posted on May 18, 2010, 4:01 am and is filed under Comments. You can follow any responses to this entry through RSS 2.0.
You can skip to the end and leave a response. Pinging is currently not allowed.
Security in the U.S. Federal Work Place
Apparently leaves very little to be desired.
Some commercial sectors, such as financial services, have stopped using FTP to transfer files because of security concerns
Really? What could those have been?
It’s “not fair” to require employees to encrypt files when they don’t have easy tools to do so, Elgamal said.
Fair enough. But I’m a bit upset that our tax dollars are being spent with such disregard for the data these groups need to protect.
We’ve gotten to a point here at Redux where we are pushing everything via SSL, regardless as to whether it is tunneled via IPSec VPN. I like how wellsfargo.com immediately redirects you to https://www.wellsfargo.com. To me that says they take security seriously.
The vast majority of people are actually good people,” Elgamal said. “What they want to do is get the job done. An employee, if you tell them to do something, is just going to get it done. If you don’t provide them the right tools, they’re still going to get it done.”
The problem stems from lazy IT/IS departments and policy controls. I spend part of my day as a System Engineer on a variety of levels, and I consistently remind myself to do it right from the beginning, otherwise it will never be done correctly.
For fellow Systems folks performing civil service responsibilities, do it right the first time. Everything after that will be so much easier.
This entry was posted on May 18, 2010, 4:01 am and is filed under Comments. You can follow any responses to this entry through RSS 2.0. You can skip to the end and leave a response. Pinging is currently not allowed.