« Find Improvements That Lie Clearly At Hand | Main | Dual Mode Authorization »



Agreed with all of this. I would actually take it further and say what I am working on is to not have a security team at all, just more educated users who incorporate security processes into each of their roles. There aren't many success stories with a centralized model, so I thought trying something different - when I wasn't going to get funding for what was required in the first place - was the way to go.


Great article, enjoyed reading it. One comment to add. Almost feels like the security dog didn't catch the car as much as the car slammed on the breaks and backed into the dog. Business now sees the necessity and importance of security as an enabler to their changing business. For us it certainly felt like they realized they needed security dog for their road trip and now we are tied to the roof.

The comments to this entry are closed.