|
> John, > > I am invoking the god given right to make a partial retraction of my last > note...After thinking about the last couple of exchanges over 6 medium-hot > Buffalo Wild Wings and a beer, I realized... [jte] It must have been the Buffalo wings. > I fell into the trap that I HATE falling into and hate when others fall > into it. That is the trap of speaking as if the word "secure" means the > same thing to everyone. I did that in all of these posts and I apologize. > > So, for my retraction... > I agree that it is possible to meet the requirements of a "rational" > security policy by using exit point programs or products. [jte] I'm feeling a whole lotta love right now. :) Next step is I try to get you to see that exit programs are a natural fit with resource security, Application Only Access, and other security schemes. They provide an important security layer that protects data when application security falls down. > I still argue that for the highest possible security, object level access > control is required. In other words, you can't attain the highest possible > level of security on your system without object level access control. That > said, it is obviously not everyone's requirement to attain the highest > possible level of security. [jte] I can't argue with the first statement. And I will concur with your earlier point that the iSeries makes it easier and less expensive to do really good security than other architecture (which leaves open the question "Why do so few people do it?"). As for the last statement, I still maintain that even people who require the highest possible level of security can't get their overnight. They need a natural migration path to that desired end. > > Perhaps I should go back to lurking...:-) [jte] Please, no. I haven't gotten this fired up about something on the list in months. :-) jte -- John Earl | Chief Technology Officer The PowerTech Group Seattle, WA 98032 (253) 872-7788 x 302 john.earl@powertechgroup.com www.powertech.com --
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.