"Doug Hart" <DougHart@xxxxxxxxxxxx> wrote:
Why would you ever go to level 50? You organization is just a retailer.
We, on the other hand, went from Sec30 to Sec50 some years ago, basically as soon as (a) we'd stripped out all the non-Sec50-friendly hacks out of our products, and (b) we started seeing a lot of our customers going from Sec30 to Sec50. It wasn't so much that we needed the added security (having the "family jewels" source on boxes physically isolated from the outside world is plenty secure), but we needed to be the first to know if we inadvertently did something that either took a performance hit, or broke down entirely, under Sec50.
Many years ago, I drew up a cartoon that explained the security levels, with appropriate captions:
Sec10 is like having a door on your building. Sec20 is like having a LOCKED door on your building. Sec30 is like having LOCKED ROOMS in your locked building.Sec40 is like having A GUARD WATCHING OVER the locked rooms in your locked building.
Sec50 is like having an ARMED guard watching over the locked rooms in your locked building.