Learning an IT lesson from a home contractor
Here is a post written by an end user security professional who will be known here simply as Padded Arrow. I believe you will find his perspectives on IT, security, risk management, and technology to be enlightening. -sh
Mike Holmes is a Canadian building contractor whose popular TV show tag line is "Make it right". Not just a catchy phrase but rather his way of working. If you have watched his shows, one of the underlying messages is “Building codes are MINIMUM guidelines.” Often, the right way to do the job is not in the same league as "code." Mike prefers to "Make it right" rather than "make it code."
What does this have to do with IT and Security? Many regulatory requirements (SOX, GLBA, HIPAA, etc.) come from a need to "raise the bar" on the quality of IT construction, safety and security. Too often, IT projects are a knee-jerk reaction to the current challenges in the IT environment, both real and perceived (aka marketing hype). Sometimes, regulations (building codes) seem to have more influence to direct IT than what is the best course of action for the company. At what point does a company decide to plan its IT strategy with the business and long term survivability as a priority?
Instead of "Make it right", team up to "Make IT right".