Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Tech industry aims to stem security rules

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread		 This topic is archived.
Home » Discuss » Latest Breaking News Donate to DU
 
Khephra Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Dec-03-03 08:42 AM
Original message
Tech industry aims to stem security rules
WASHINGTON — The largest technology companies in the United States are working to persuade the Department of Homeland Security against consideration of costly new computer-security rules, arguing that companies already are taking aggressive steps to defend against hackers.

So far, industry has found a receptive audience. Homeland Security Secretary Tom Ridge was expected to solicit suggestions from executives Wednesday during an appearance at an industry conference in Santa Clara, Calif.

The administration already is reconsidering its support for a plan that would require publicly traded companies to describe their hacker defenses to securities regulators.

more.........

http://www.globetechnology.com/servlet/story/RTGAM.20031203.gtsecdec3/BNStory/Technology/
Printer Friendly | Permalink |  | Top
meegbear Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Dec-03-03 08:44 AM
Response to Original message
1. Jeez ...
you would think technology firms would embrace computer-security rules. Pay a little now or pay a lot later.
Printer Friendly | Permalink |  | Top
 
JM Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Dec-03-03 08:56 AM
Response to Original message
2. The issue is...
...the government, who is the least knowledgeable and least secure, will be mandatating tech security issues that are irrelevent, cumbersome, or otherwise infeasible.

A close friend of ours has been meeting with DHS and Ridge on this issue on a very regular basis and has been making recommendations. He is one of the foremost network security experts and has been working with FBI, SS, and others for years.

The real problem is people just don't take the issue of security seriously. Social engineering is one of the biggest factors. Idiot users don't change passwords from the default. Systems people do the same. Lax enforcement of password policies. Stupid developers who insist the master password for the database is what should be used instead of a user with minimal rights.

Regulations like HIPAA will change some behavior, but as a developer, I can assure you the best we can do is allow the user to use features if they choose to. If we force things, they will look to an easier product.

No amount of legislation and penalties is going to make up for stupidity. This is why the industry is fighting it. Adding features, and consequently, cost, to products for features that will STILL go unused or make the product too difficult for users to use is counterproductive.

Later,
JM
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view this author's profile Click to add this author to your buddy list Click to add this author to your Ignore list Thu May 02nd 2024, 09:43 PM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Latest Breaking News Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC