Rich Kulawiec on 17 Jan 2017 00:28:53 -0800

Re: [PLUG] Lastpass - friend or foe

On Tue, Jan 10, 2017 at 09:46:33AM -0500, Michael Leone wrote:
> You presuppose that they lack the skill to run their own mail server.
> More likely, it makes more economic sense for them to outsource that
> function, so that their employees can concentrate on other core tasks
> of the enterprise.
> I used to work at a small insurance firm [snip]

But they're not in the insurance business.

They're in the security business.

Which means that one does not skimp on basic operational necessities
like email by outsourcing to a mediocre service with multiple obvious
and serious design and implementation issues.

ESPECIALLY because they're in the security business.

One spends the money required to hire (at least) minimally-competent
people and builds/runs key infrastructure in-house.  This isn't hard,
and it's getting easier every day.

If they're too foolishly cheap to handle their own basic operational
functions, then why should you believe they're not just as foolishly
cheap with something/everything else?

Worse, if they don't grasp the concept that they *should* handle their
own basic operational necessities, then you're dealing with people
who shouldn't be in the security business.

They aren't good enough.

And we already have quite enough ignorant newbies meddling in things far
beyond them, which is one of the major reasons we have so many problems.
(See, for example: the IOT, aka the world's most widely distributed dumpster
fire.  Or for that matter, systemd.)

Yes, I'm being a little testy here, but I've moved firmly into this camp:

	Current Peeve: The mindset that the Internet is some sort of
	school for novice sysadmins and that everyone *not* doing stupid
	dangerous things should act like patient teachers with the ones
	who are.
		--- Bill Cole

