Posts Tagged ‘compliance’
Policy debt
04Sep19
Background When we talk about technical debt that conversation is usually about old code, or the legacy systems that run it. I’ve observed another type of debt, which comes from policies, and seems to be most harmful in the area of security policies. Firewalls or encryption? A primary purpose for this post is to put […]
Filed under: security | 4 Comments
Tags: change, compliance, culture, debt, encryption, firewalls, passwords, policy
My friend Randy Bias very kindly came in and did a web conference presentation at work this week on his views of cloud computing (which are well summarised in a post he did at the end of last year). Inevitably the topic of security came up, and Randy, drawing on his past experience in the […]
Filed under: architecture, cloud, security, software | 6 Comments
Tags: audit, bolt on, build in, cloud, compliance, firewall, gateway, iaas, paas, schema, security, validation, xml
Chris Swan's Weblog 