On Fri, Dec 12, 1997 at 11:57:38AM -0500, Hal wrote:
> I heard recently about a large military think tank which had forbidden
> any applets at all except ones that they had checked out and cached
> internally. Nothing directly from outside. This worked for about a
> month and was dropped. Their users wouldn't put up with it.
I can't say this surprises me. "Military think tanks" are businesses
like any other; their business is to latch onto contracts and suckle for
all they're worth. Security doesn't play a particularly strong role in
this mission.
By contrast, it's easy to enforce a policy ``absolutely no applets
from the internet at all, whatsoever'' in a Wall St. business; just
develop the security policy properly, structuring it so the mandates are
directly anchored on business needs, get it approved by management, and
show it to the users. If it's sufficiently clearly written, it won't
even need defending --- they'll be able to see that attacking this is
directly attacking the business.
> So they decided to take the risk, roll the dice, (whatever metaphor
> you like) and hope (or trust) that they weren't going to get whacked.
Probably a safe bet; I'm sure they don't have anything anyone cares
about on their computers. You betcha they spend the money they suck in
as fast as they sluurp it up --- they don't sit on it. There's nothing
else of value there:-).
-Bennett
Received on Dec 17 1997