Rich Freeman on 26 Oct 2014 11:49:20 -0700
Re: [PLUG] Spark Core (corrected)
On Sun, Oct 26, 2014 at 2:27 PM, Keith C. Perry <kperry@daotechnologies.com> wrote:
> Good point there Rich. I would add that the health IT / medical IT space is
> more conscious as well. One of the things I had to do as a result of HIPAA
> regulations was to write security statements.
> ...
> I can't say I've ever been asked to verify.

That's the rub. Speaking as somebody who works in the health IT industry I've seen lots of statements on RFPs asking companies to certify that their software encrypts data/etc, but rarely any real follow-up/verification. If they say it is encrypted, then it must be. Maybe somebody will look in the database and note that a field isn't human-readable, but they won't ask questions like "if I can't read it, how can the software, and what are the implications of how it does it" (hint, if you didn't have to install an HSM, that encrypted data is only as secure as the drive the key is sitting on).

Companies love to have documents that say things like "your digital signature is not repudiable" without realizing what that actually means (hint, saying it or agreeing to it doesn't make it so).

>
> I call that "the buck stop there" syndrome :)
>

Getting back to your earlier email, I think this is a BIG driver for outsourcing. You can say with a straight face that you don't hire illegal aliens or commit fraud, while getting many of the cost benefits of doing those sorts of things because you hand off your work without looking too closely at those you hand it off to. Of course, you do insist that they sign a contract saying that they're completely above-board. Outsourcing overseas often is more of the same, except that even the laws are often more lax, letting you get away with still more...

--
Rich
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug