On mySimon: Pride and Prejudice and Zombies
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 3 of 13:
Next »
« Previous
While I agree with you in theory....
I have some answers to your questions.

"How is it again that implementing better record keeping practices can make security worse?"
A - Well, Michael, This is two-fold.
First, the millions of dollars spent on SOX compliance is diverting funds that were allocated for security. Corporations are not a bottomless pit of cash, so when faced with a choice: beef up security based on the latest threats and technologies or meet this new government compliance regulation and not get fined. (more $$)
Second, Companies are trying to meet compliance as inexpensively as they can (you know, maximize shareholder value?), and therefore don't have the time or resources to make sure what they are puting into place is perfectly secure.

Your second question: "nd WHY security was NOT there even BEFORE SOX went into effect? There was NO security infrastructure before? "
Is even more rudimentary.
The simple answer is, "Yes", of course there was security. You are obviously not a security professional, which is ok, so I am sorry to be the one to have to tell you this...security threats change every day. Technology changes, hacker/phisher/phreaker/etc's methodologies change every day, new software holes are discovered on a daily basis.
So, what happens when the security officer goes to the CIO and other C_Os for moeny to meeet these threats? They hear, "Sorry, nothing left in the budget for that, it is all spent on SOX compliance.

I hope that helps those of you out there that were wondering the same thing as Michael understand why this is doing (in some cases) more harm than good.
In certain circles it is the legal equivalent of banning alcohol in order to prevent drunk driving.

Cheers!
Critique
Posted by: critique   Posted on: 07/12/05 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Economic Impact Statement  rapson | 07/11/05
Excuses to promote un-accountability  michael_t | 07/11/05
While I agree with you in theory....  critique | 07/12/05
Hogwash  TrustMe_z | 07/12/05
How typical....  critique | 07/12/05
Thanks for your shallow insight ...  michael_t | 07/12/05
michael, michael....  critique | 07/12/05
Problems ...  michael_t | 07/13/05
Careful now  rapson | 07/12/05
Re: Careful Now  BXLE | 07/12/05
Ultimately,  michael_t | 07/13/05
Exactly...  critique | 07/12/05
I know that there can be regulation  michael_t | 07/12/05

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement

Meet Doc

  • Here to help you with your Document Management Needs
  • Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
  • To learn more about this mysterious figure check out his blog on ZDNet. You’ll be glad you did.
  • Produced by
    ZDNet and