Comments on: Are Security Controversies Justified?

By: Emmanuel Carabott

Emmanuel Carabott — Fri, 07 Jan 2011 14:01:47 +0000

@Alison

In a way it’s to be expected I guess, Security needs to be a balance between security and convenience, and the more that balance is tilted towards security the more people will be unhappy with it, possibly to the point of becoming counterproductive.

@Laurie

Indeed it is; the ‘we have to see and check everything with no compassion or concessions’ does have that 1984 ring to it. If it is really all necessary is an interesting question as well.

@Sophie

Thanks. That is indeed what I am trying to do here – have people think about the two sides of security. Security itself and its cost on convenience.

@Liv

It’s true that a security professional will tend to go towards security rather than towards convenience and that’s a natural reaction, because as a security professional your responsibility is to ensure the security not to make life as easy as possible. However, that being said, generally, a security professional is not the only party involved in a project and there will be others whose main priority it is to make the system as easy to use as possible. These two disciplines will generally find an acceptable middle ground.

@Kathryn

I am afraid that in truth it’s actually more complicated than that. A pilot can bring down a plane without needing to smuggle in a gun, FACT. But if it’s known that pilots are not subject to security checks because logically they don’t need to be then whoever wants to smuggle in a gun can pretend to be a pilot, thus eliminating an unnecessary security check which has still resulted in a security risk. Worse yet, indirectly this has created a security risk to the pilot himself who might find himself blackmailed by someone to get prohibited items through security. I don’t mean to say that pilots need to be subjected to the same kind of security as everyone else, but what I am saying is that if you look hard enough there is a reason to implement security everywhere, but then again is it cost effective? The correct procedure here is for people with knowledge and experience to weigh the risk mitigation with its cost and to see what procedures are worth implementing and what can be safely discarded.

By: kathryn

kathryn — Sun, 02 Jan 2011 18:22:22 +0000

“Don’t sacrifice security for convenience and try to avoid sacrificing convenience if it is not really necessary.”

I guess the difficulty in a statement like this, most especially in the context of a security industry that’s as volatile as ours; it’s hard to pinpoint exactly what is necessary and what isn’t. Surely, the example of the pilot is an easy case to make, but how does it apply to the IT industry?

Most of the time, and with good reason, we apply the measures we do today because we don’t know what kind of threats there will be tomorrow.

By: Liv

Liv — Thu, 30 Dec 2010 14:36:39 +0000

I think striking a balance between convenience and security is just one of those things that will never be truly attained, no matter how much our security specialists will try. Their foremost priority (whether it’s offline or online) will always be the protection of its clients, and their people. If we want to stay safe, there are just some conveniences that need to be sacrificed in order to make sure that we are.

By: Jenny Ducker

Jenny Ducker — Wed, 29 Dec 2010 05:10:06 +0000

Our company is actually extremely fax reliant since we use faxes as a form of documentation for a lot of the official correspondences with our clients. Agreements, application forms, release forms and product surveys are all integrated into our fax system. However, I’ve always had this nagging feeling that faxes are just too old a technology for the digital age, especially for a company like ours that specializes in IT development. Maybe fax servers would be worth looking into.

By: Sophie

Sophie — Wed, 29 Dec 2010 05:05:04 +0000

Great article; especially since it’s incredibly relevant to the current state of the IT industry. Although we discuss many methods, practices and theories on how to better our online and offline security, we tend to forget the possible implications it has to the functionality, reliability and ease-of-use pf the products we provide our clients and our co-workers. Flexibility in security? Surely not something that can be settled in a single discussion, but definitely a point that should not be easily forgotten.

By: Laurie

Laurie — Wed, 29 Dec 2010 04:55:04 +0000

I don’t know about the rest of you. But taken out of context, the first couple of airport security stories in the article read like something straight out of George Orwell’s 1943. I know we’re far from being under a totalitarian government, but you have to wonder what sort of comforts and liberties we have to sacrifice for additional security. It’s just hard to not think of Benjamin Franklin’s words: “Those who give up liberty for the sake of security, deserve neither liberty nor security.”

By: Alison

Alison — Wed, 29 Dec 2010 04:51:02 +0000

With regards to airport security, I’ve heard about a current below-the-line campaign that has people wearing plain white shirts when travelling by air. To show their dislike for intrusive airport security, these individuals submit themselves to an x-ray scan only to reveal a rather “distasteful” message on their shirt that can only be revealed by x-rays. It seems that even the masses are starting to feel the burden of security.