Tag Archives: management accepts risk

When Mgmt Ignores Security

Too many security folks push security for its own sake–they insist things should be locked down, blocked, and forbidden.

Good security, as well as risk management, is a matter of degree. You need to secure just enough to get by. In other words, don’t spend time, effort, and money implementing security that you don’t need and/or management has not approved.

Continue reading


Leave a comment

Filed under Security