Fri, Mar 31 2006 17:31
Drinking that Security Koolaid
There's a vendor out there that is drinking the Security Koolaid. To the point where that I can even see the telltale sign of a red tongue and a Koolaid mustache on their mouth. Now this isn't a vendor that you would normally think would be drinking the Security Koolaid... and it's certainly not the vendor you are probably thinking that I'm talking about.....
This is a vendor that... indeed may be setting the path for my Accounting Industry by being one of the first to step up to the bar and do the right thing. Dr. Jesper Johannson in his "Is that Application Really Safe" presentation talks about how accounting applications are some of the worst offenders for being a security minded application. And it's true. Here when we should be the bellweather of the industry..the shining light of best practices... the standard setter.... so many times I hear from folks that it's the "beancounter program" that makes them make compromises in their networks. Even my fellow CPAs... sorry guys, I have to beat up on ourselves... we really don't take the time sometimes to think about security. We want to get the job done for our clients and sometimes, like in any business, security has to take a back seat. We blindly email files containing sensitive data and never even think of what we're doing.
So when the other day I had a conversation with some folks from this Company... it was refreshing to hear in the phone call that they were drinking that Security Koolaid. And lots of it. To the point that they will be pushing us in the future....not us pushing them.
But you know something else.... don't just lay this in the lap of our vendors... as fellow Security MVP Harry Waldron pointed out ... Security is spelled sec-U-R-IT-y. Security isn't just about "them" ... it's about "You". "You are it." You are part of it. Part of Security. You are in fact the biggest part of the security piece... and without "You", this vendor can drink enough Security Koolaid to make them a sugar diabetic but it's not going to help secure your network, your data, your clients data. You have to help this process by being an aware end user and not blindly do stuff like we're doing these days. By setting up your network properly, configuring it properly. By having security policies, and set forth to your employees an acceptable use policy of what they can and cannot do on your network. "You" first have to help this process...it can't just be on the backs of vendors.
....so ...guess which vendor I talked to the other day that is on their way to getting Security?
....and no this isn't an early April Fool's day joke either... I'm serious here.
... I really and truly feel that this Vendor "gets" security and will be pushing us to "get" it too in the near future ...
....the vendor is....believe it or not.... this one!
Filed under: Security, News