[2698] in WWW Security List Archive
Re: DOS and Macro Virus Discussion
daemon@ATHENA.MIT.EDU (Chris Garrigues)
Mon Aug 19 19:52:24 1996
To: "John C. Pavao" <pavaojc@rixix.sod.eds.com>
Cc: www-security@ns2.rutgers.edu, cwg@deepeddy.DeepEddy.Com
In-Reply-To: Your message of "Mon, 19 Aug 1996 11:31:32 PDT."
<3218B304.3A8@rixix.sod.eds.com>
Date: Mon, 19 Aug 1996 15:02:55 -0500
From: Chris Garrigues <cwg@DeepEddy.Com>
Errors-To: owner-www-security@ns2.rutgers.edu
--===_-1_Mon_Aug_19_15:02:54_CDT_1996
Content-Type: text/plain; charset=us-ascii
> Yes, but managers run corporations, not sysadmins. If sysadmins ran
> corporations, I could see that argument. Managers are thinking about
> ease of use and results before security; results are their jobs.
> Managers think about security when something gets compromised. (I'm not
> criticizing managers, I'm just saying what I see.) Managers see that
> the WWW is a way to do all kinds of things that used to require
> expensive applications. They see $$$ being saved. Managers have no
> idea what ActiveX is and shouldn't have to. What they do know is that
> if I tell them they can't use the Web to do what they wanted to because
> of security problems, I'm standing between them and $$$. And I sure
> don't like M$ putting me in that position.
Yes, but....
It is (or should be) part of the job of sysadmins to make certain that
managers understand the implications of ignoring the security issues. There's
a local startup who I did some contracting with *after* his site was broken
into by a disgruntled former employee (former sysadmin, actually) and all the
disks reformatted. Needless to say, he's be at least $100,000 richer today if
he'd been concerned about security somewhat sooner.
> (Opinions expressed are solely my own and are in no way to be connected
> to my employer.)
Well...if your employer doesn't agree with you on your interpretation of what
management wants, then why are you making these claims?
Chris
--
Chris Garrigues O- cwg@DeepEddy.Com
Deep Eddy Internet Consulting +1 512 432 4046
609 Deep Eddy Avenue
Austin, TX 78703-4513 http://www.DeepEddy.Com/~cwg/
--===_-1_Mon_Aug_19_15:02:54_CDT_1996
Content-Type: application/pgp-signature
-----BEGIN PGP MESSAGE-----
Version: 2.6.2
iQB1AwUBMhjIapaQnaaFII2dAQEn9AMAnRjVxoZdk1AOyTNNoMmSLr0aHypToBW7
lJdQEtxVVoDj+dwcdWfI1zZsCPmWF0lPH6jaEAKtwCpQYWG4T1RijAlkoxHJxghk
t7lE9yPOrYelWN47p1Czsx5EvKO3IkSt
=wYjY
-----END PGP MESSAGE-----
--===_-1_Mon_Aug_19_15:02:54_CDT_1996--
