Adventures of an Eternal Optimist http://eternallyoptimistic.com Mon, 26 Jan 2009 19:03:57 +0000 http://wordpress.com/ en hourly 1 http://www.gravatar.com/blavatar/0eb7b045082237692fcc0d308cee035c?s=96&d=http://s.wordpress.com/i/buttonw-com.png Adventures of an Eternal Optimist http://eternallyoptimistic.com Analogous? http://eternallyoptimistic.com/2009/01/26/analogous/ http://eternallyoptimistic.com/2009/01/26/analogous/#comments Mon, 26 Jan 2009 19:03:57 +0000 Pamela http://eternaloptimist.wordpress.com/?p=804 ]]>

For whatever reason, I’ve been pondering similarities and differences between financial and IT risk lately, and one big difference seems to be around reputation in these two areas.  The financial world painstakingly maintains institutionalized memory of credit issues through standardized credit ratings.  Companies, cities, and even countries are rated based on current and past performance, and a ratings downgrade is a BIG deal.

Why isn’t there an analogous service for systems security risk?  For example,  Mike Ramirez just pointed out a data breach at Monster.com,  I’d love to go somewhere and see, was that the first time?  Have they been breached before, and I simply didn’t hear about it? How about Heartland Payment Systems?  It seems to me that right now, companies can get away with repeat offenses,  simply by flying under the radar.

Of course, there is always the Listeriosis Clause to consider — who do you trust more, the company with a dedication to quality that is forced to disclose, or the lazy/ignorant company who never even looks, and therefore never has to tell?

In any case, I’d like to see collections of disclosures about the various services I choose to use or do business with.  I’d like to see data collection for the purposes of comparing privacy policies,  TOSs, known breaches of or challenges to those policie. Another issue that I believe could gain prominence is being able to easily research whether the companies I interact with are sending/storing my information across international borders.   I think there would be some really interesting discoveries in such a body of data.

]]> http://eternallyoptimistic.com/2009/01/26/analogous/feed/ 1 eternaloptimist Good laugh http://eternallyoptimistic.com/2009/01/22/good-laugh/ http://eternallyoptimistic.com/2009/01/22/good-laugh/#comments Thu, 22 Jan 2009 17:07:44 +0000 Pamela http://eternaloptimist.wordpress.com/?p=801 ]]>

http://www.pingidentity.com/vid-test.html

I wasn’t expecting to enjoy this — but I did.  There are some great lines, you just have to get past the obligatory intro scenes :)     The plot is familiar — not because I’ve seen the movie but because I’ve lived the integrations.

My favorite — princess Leia having to stop transmitting her plea for help because the “storm-consultants” were coming…. there are more but I wouldn’t want to spoil it for you.

]]> http://eternallyoptimistic.com/2009/01/22/good-laugh/feed/ 0 eternaloptimist