Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

Outsourcing Security Expand / Collapse
Author
Message
Posted Thursday, September 27, 2012 12:01 AM


SSC-Dedicated

SSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-DedicatedSSC-Dedicated

Group: Administrators
Last Login: Yesterday @ 4:10 PM
Points: 33,095, Visits: 15,202
Comments posted to this topic are about the item Outsourcing Security






Follow me on Twitter: @way0utwest

Forum Etiquette: How to post data/code on a forum to get the best help
Post #1365040
Posted Thursday, September 27, 2012 1:11 PM
Mr or Mrs. 500

Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500Mr or Mrs. 500

Group: General Forum Members
Last Login: Thursday, July 24, 2014 3:53 PM
Points: 594, Visits: 957
In some ways we outsource security already by relying on software from Webroot, Symantec, McAfee and others to protect our PCs from viruses and other nastiness. Outsourcing data security is just another step along that path, albeit one that requires more interaction than just passively accepting updates to a virus database.

I agree that communication skills will be essential. I also think a certain level of security knowledge will still be required in order to apply those communication skills and have the necessary conversations with the outsource provider, and also to help guide the security scope and / or put security audits in place.

Another example of the job not going away, just changing at the detail level...



Here there be dragons...,

Steph Brown
Post #1365469
Posted Thursday, September 27, 2012 2:52 PM


SSCertifiable

SSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiableSSCertifiable

Group: General Forum Members
Last Login: Today @ 8:27 AM
Points: 5,573, Visits: 24,812
I wonder who is responsible for checking the checkers .... what if the rogue individual works for the security firm. He/she becomes aware of a fault in the system and then executes same, BEFORE others in the firm can amend the code / test the new code/create an update/Upload the update to all its customers.

It becomes a never ending circle, it goes back to the old saying "trust no one not ever yourself"


If everything seems to be going well, you have obviously overlooked something.

Ron

Please help us, help you -before posting a question please read

Before posting a performance problem please read
Post #1365514
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse