Mostly a training day, today. I have a class at 10:00 on encryption tools that will be rolled out the environment here. I guess now we're required to encrypt all kinds of stuff. I'm curious to see how that's going to affect our audit findings. I'm also curious to see how we fare on the next audit, since we're not really addressing what's on the audit, we're working around it by tacking encryption onto it.
Interesting thing, security auditing. Like border guards, it's always more interesting to flag someone for doing something wrong than it is to pass people for doing things OK. So, anything you can find at all becomes an issue. Now when you have millions of people using one system, and once group has an issue with a security audit finding, then you have to decide whether or not you change the whole system for everyone, or tell that group to 'love it or leave it'. Ah, 'leveraging'. Screw it.
I'm going to look into IPSec as a solution, to try and get away from all this disk-based and service encryption crap. There's not that much data we need to protect, on the whole, and using all these invasive tools to do it is kind of annoying. If I can do it at the network layer, then I'm cool with it.
Hopefully, I'll get some more time in on LearnFlow today. Falling further and further behind in my CCNP classes. Maybe I'll do some labwork from home tonight while I dub more albums to disk.
More tech stuff later. Cheers.
No comments:
Post a Comment