Security Basics mailing list archives
RE: A reminder that security is not inherently solvable with technology
From: "Tsai Li Ming" <mailinglist () ltsai com>
Date: Fri, 24 Oct 2003 16:25:59 +0800
I would like to point out another side of the story. I would agree that privilege information shouldn't be outsourced. It shouldn't even be outsourced to another company, whether local or overseas. On the other hand, we should bear in mind that off shoring a job does not necessary mean that it is less secure. A disgruntled local employee could do the same thing. What makes a local employee more trustworthy than an offshore worker? You can have the best security in place but it can be compromised by a single employee. Can we ever replace trust with technology? Liming -----Original Message----- From: jm [mailto:jm () mindless com] Sent: 24 October 2003 6:26 AM To: JGrimshaw () ASAP com Cc: security-basics () securityfocus com Subject: RE: A reminder that security is not inherently solvable with technology Very valid points, particularly in the UK as one of the biggest banks, "The world's local bank" has decided to lay off 4500 UK workers to offshore staff to offshore centers in asia. I am based in the Isle of Man, and recently had an conversation with the local Data Protection officer. The new Data Protection Act 2002, implies that countries outside the EU, US, and Australia are considered to not have appropriate protection mechanisms in place, and therefore confidential (personal) information should not be transmitted to anywhere outside these countries. I would be interested in learning if anyone reading the list, has any comments about how the UK/EU/Any legislation permits for the accessing of personal indetifiable information outside these areas in an offshoring type operation? Which would to an extent protect against the incident mentioned on the below URL.... Thanks JM -----Original Message----- From: JGrimshaw () ASAP com [mailto:JGrimshaw () ASAP com] Sent: 23 October 2003 14:50 Cc: security-basics () securityfocus com Subject: A reminder that security is not inherently solvable with technology http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2003/10/22/MNGCO2FN8 G1.DTL This article was posted on Slashdot today; I believe it speaks volumes. You can defend your network against all known aggressors, and yet this simple common denominator reduces the security threshold to zero. ------------------------------------------------------------------------ --- Visual & Easy-to-use are not words that you think of when talking about network analyzers. Are you sick of the three window text decodes? Download ClearSight Network's Analyzer and see a new network analysis tool that makes the complex - easy http://www.securityfocus.com/sponsor/ClearSightNetworks_security-basics_ 031021 ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Visual & Easy-to-use are not words that you think of when talking about network analyzers. Are you sick of the three window text decodes? Download ClearSight Network's Analyzer and see a new network analysis tool that makes the complex - easy http://www.securityfocus.com/sponsor/ClearSightNetworks_security-basics_0310 21 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Visual & Easy-to-use are not words that you think of when talking about network analyzers. Are you sick of the three window text decodes? Download ClearSight Network's Analyzer and see a new network analysis tool that makes the complex - easy http://www.securityfocus.com/sponsor/ClearSightNetworks_security-basics_031021 ----------------------------------------------------------------------------
Current thread:
- hunt tool Jorge Garcia (Oct 21)
- Re: hunt tool Toyama no Benbei (Oct 22)
- A reminder that security is not inherently solvable with technology JGrimshaw (Oct 23)
- Re: A reminder that security is not inherently solvable with technology Kamal Habayeb (Oct 23)
- Re: A reminder that security is not inherently solvable with technology Paul O'Malley (Oct 24)
- RE: A reminder that security is not inherently solvable withtechnology Mike Peppard (Oct 24)
- RE: A reminder that security is not inherently solvable with technology Jeremiah Powell (Oct 27)
- Re: A reminder that security is not inherently solvable with technology Steve (Oct 27)
- Re: A reminder that security is not inherently solvable with technology John T. Hoffoss (Oct 28)
- A reminder that security is not inherently solvable with technology JGrimshaw (Oct 23)
- Re: hunt tool Toyama no Benbei (Oct 22)
- RE: A reminder that security is not inherently solvable with technology jm (Oct 23)
- RE: A reminder that security is not inherently solvable with technology Tsai Li Ming (Oct 24)
- <Possible follow-ups>
- RE: hunt tool Jorge Garcia (Oct 22)
- Re: hunt tool Eric Hagen (Oct 22)
- Re: hunt tool Jorge Garcia (Oct 24)