Comments on: Why Security Policies Cannot Stand Alone http://www.gfi.com/blog/security-policies-stand/?utm_source=rss&utm_medium=rss&utm_campaign=security-policies-stand Brought to you by GFI Software Fri, 09 Aug 2013 12:13:46 +0000 hourly 1 By: John Gibson http://www.gfi.com/blog/security-policies-stand/comment-page-1/#comment-17074 John Gibson Tue, 28 Dec 2010 07:31:46 +0000 http://www.gfi.com/blog/?p=2996#comment-17074 This is definitely an interesting anecdote. You would think that such high level personalities such as the President himself would have a security detail and system that would rely on far more fail safes than a personal aide.

There are definitely some interesting points brought up here in the comments section as well. I guess somebody should e-mail this to the Presidential Chief of Staff in case he’d be willing to take a couple of notes.

]]> By: Emmanuel Carabott http://www.gfi.com/blog/security-policies-stand/comment-page-1/#comment-16313 Emmanuel Carabott Fri, 17 Dec 2010 09:49:45 +0000 http://www.gfi.com/blog/?p=2996#comment-16313 Thanks Jay, that was indeed my point.

You’re right obviously Phil, in that the Aide is by far the most at fault and should get more then a slap on the wrist but as Jay perfectly puts it, the Aide could manipulate the verification process (the policy that the codes need to be checked monthly) that it was the result of a lack of oversight to ensure policies are actually implemented. Putting policies is place is never enough and we all know that. You need to ensure policies are implemented and followed.

]]> By: Jay Thompson http://www.gfi.com/blog/security-policies-stand/comment-page-1/#comment-16145 Jay Thompson Wed, 15 Dec 2010 15:23:57 +0000 http://www.gfi.com/blog/?p=2996#comment-16145 @Phil

I don’t think the article is outright dismissing the negligence of the presidential aide. What the article is addressing however, is the fact that security specialists didn’t recognize the aide as a possible security problem. Although it’s great to point fingers and hold people accountable for their actions, security is a preventive measure not a reactive one. It’s always recommended to fix your company’s security system first, before implementing it.

]]> By: Phil http://www.gfi.com/blog/security-policies-stand/comment-page-1/#comment-16027 Phil Tue, 14 Dec 2010 19:38:42 +0000 http://www.gfi.com/blog/?p=2996#comment-16027 In the case of the Presidential aid, I’d attribute the failed security policy to human error. If it were up to me, the aid would’ve been shot, hanged and burned in that order. Alot of it grief would’ve been averted if he simply fessed up to having lost the launch codes in the first place. I don’t think the security policy was sound at all, having to rely on incompetence like that.

]]>