Very good points. I would add these as well.
There is another facet to all of this. Money. Just plain old money. It takes time and money to buy and maintain this sort of software.
The 'hobbyist' also has plenty of time and access to the tools, whereas an org may only have so much budget for it, which in effect restricts the time to do it and/or how many people you can pay to do it. Also, depending on the org, you may not even have access to the correct tools and documentation.
From a pure user 'end point' usage standpoint, the security stuff is either in the way or 'just works'. Fixing security is background and does not get you anything new. So it often gets forgotten or downgraded in a budget game for something more shiny as the user lets out their inner Veruca Salt.