John Kreno on 25 Oct 2014 21:02:28 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Spark Core (corrected)


 That whole blurb was fairly well said, wasn't sure where you were going in the first few sentences, but I like what you have to say about the industry and it's middle and upper leadership. It's a scary world to live in right now.


On Sat, Oct 25, 2014 at 8:21 PM, Rich Freeman <> wrote:
On Sat, Oct 25, 2014 at 11:24 AM, Keith C. Perry
<> wrote:
> I will say that I've had more clients in last couple of years, especially
> smaller organizations, ask about encryption services.  Every at this point
> at least asks about the methodology we use to hand their data.

The only issue with this is that many times it is the same PHBs asking
these sorts of questions.  I've been hearing vendors tell me about
things being encrypted for ages, and usually somebody just XORed
something before storing it in the database.

Even decent encryption is only as good as its implementation, and I
doubt that many companies seriously check to see that the encryption
even tries to be decent.

I think the insurance industry actually has the potential to change
things here.  At work the fire insurance auditor always seems to be
the driver for making sure those breaker boxes are clear and so on.
Insurance companies are actually in the business of risk estimation
and if they get it wrong it hits their bottom line.  On the other
hand, many big companies just self-insure for these sorts of things
and fire a scapegoat when things go wrong even though they never had
enough budget to do anything to prevent the problem in the first

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --

John Kreno

"Those who would sacrifice essential liberties for a little temporary safety deserve neither liberty nor safety." - Ben Franklin
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --