Rob, > In our business this is required. There are workarounds but we believe in > progress and will not hire people to do things that can be automated. Look > at it this way - which is a bigger security risk: a buried password only > available programmatically, or yet another walking talking individual who > gives the password out to his/her supervisor when asked? It's worth noting that "Proper Security" is in the eye of the beholder. What I may view as minimal requirements, you could view as burdonsome beuacracy - and we're both right provided that everybody walks into the game with their eyes open. If you are fully aware of the risks and choose not to spend resources addressing them, that could well be the right business decision for your company. Some industries move so fast that the time it takes to "Properly Secure" something becomes a business risk factor of it's own. As long as everyone understands what is being risked, and makes informed business decisions based on solid information, I think you could call yourself "Properly Secured" for your environment. It's when people are operating on little, or bad, information that security issues are most costly. If you don't understand the risks, you're not really ready to accept them. jte -- John Earl email@example.com The Powertech Group www.powertechgroup.com Kent, Washington, USA +1 253-872-7788
As an Amazon Associate we earn from qualifying purchases.
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.