Le 09/07/2014 15:11, Anton Aylward a écrit :
management's responsibility. Letting admins make decisions about this according to their personal judgement means that management is failing in its (possibly fudicial) duty.
you still need an admin to take the decision :-). Some enforcements can make things very difficult to manage, there is always a tradoff between ease and security.
attitude. Security can also focus on what needs to be done, eliminate distractions, remove 'cart-before-the-horse' scenarios, garner budget, coordinate activities of various groups, achieve economies of scale, assure consistency, and from a management perspective it has a number of advantages related to legal and regulatory matters.
what you describe is ideal world :-) - seeing the number of banks still using the usual login/passwd system to login shows that it's not that common :-(
implementing basic security measures. By many scales, commercial organizations seem better at computer security than the DoD.
not o many, I fear. And do not misunderstand me: you are perfectly right on what you ask, I only doubt so many company do so, alas jdd -- http://www.dodin.org -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org