
Ranting Rob is spot on

One of my favorite bloggers, Rob Newby has been ranting about business, technology and compliance the past few days.
He is making one major point - NAC and Firewalls will not last forever.

Although I am certain that his posting will cause an uproar among some of the vendors, and some of the technical readers as well, I happen to agree with Rob.

Technology evolves. It changes. It adapts.
Most importantly, it must change. It should adapt. If it did not, we would still be riding rock carts like the Flintstones.

And I must admit I prefer heated, leather-coated, soft seats, where I can listen to a V8 roar at will, knowing that some years down the line, the V8 will be replaced by an electric engine.

With IT, it is the same thing. As it is with security. The thing on your lap is not an ENIAC, mind you!

If you take a look at the firewall, it is easy to understand as well. The port-controlling (stateless) FW from the 80s is still in place in today's firewalls, but is only a small part of the package. Add stateful inspection, AV&AS, web filtering, VPN and a coffee machine, and you have the UTM of today.

With NAC, the same thing will happen. It will end up as a part of the internal security systems only. And some years down the line you will no longer realize that what was key technology in 2007 happens to be only one of many technologies that take care of your ICT systems.

The challenge of all times in a commercial world is to be able to look beyond the buzzwords. To use your own business targets, goals and challenges when you choose your strategy.

Only when you take control yourself will you be able to control your world. If you leave the decision making to vendors and buzzwords, you will find yourself a hostage of insecurity - you will never know if you are adequately secured. And that is the point of forcing compliance and governance - to put you in control, to enable you to drive your modern, secure and up-to-date car. 

So that you do not have to keep dinosaurs as pets and kick about in your rock cart.

 

Undress yourself! Sloggi wants your passport number!

Sloggi, the company of great underwear, wants to undress your passport number, according to a Norwegian article.

Sloggi runs a world-wide campaign to boost their sales. As any sane multinational would do. They do it with a twist. And they use the Internet.

They want you to photograph your butt and upload it to their website. If your butt is found attractive enough, people may vote you to become a new model. What a bummer.

I guess they got the idea from the sites like Penest.no, where young girls sell pictures of their booty for points. 

In the article, Sloggi spokeswoman Sofie Lindahl-Jensen says they have very good controls for making sure users are over 18.

"They [users] have to register with an e-mail address and a cellphone".

I am positive that I do not have to inform my readers how easy it is to fake that. Even the journalist of the article knows how to do it.

Well, it's not over yet. After being confronted with sharp reactions from Datatilsynet (Norwegian Data Protectorate), and the fake profile with a stranger's behind, the same Sofie Lindahl-Jensen assures the readers that new measures to control the age are being implemented.

How?

"We will use passport numbers to compare with the national passport databases to check their age.." 

No, you will not. Sorry. As the police say:

"Unless they are paying off some rogue police officers, they will not get that access. That data is illegal to obtain."

Sloggi, we may question your methods. We may question your security. We may even question your motives. And we may believe you are stupid and incompetent.

YOU (Sloggi) should NEVER remove that doubt by admitting you have no clue whatsoever about security. If you are in doubt - say nothing. When the journalist has gone, call someone for help.

NEVER, EVER let us realize you are clueless. 

If you do something stupid, make sure your spokesperson either knows what to say, or knows when to shut up.

Bummer. Or was it Butthead?


The blogger is Kai Roer, a European Information security professional.
