thinking_about_security
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
thinking_about_security [2019/08/15 14:12] – neil | thinking_about_security [2019/08/15 19:37] – neil | ||
---|---|---|---|
Line 1: | Line 1: | ||
=====Thinking about security===== | =====Thinking about security===== | ||
====Key points:==== | ====Key points:==== | ||
- | * [[thinking_about_security# | ||
* [[thinking_about_security# | * [[thinking_about_security# | ||
+ | * [[thinking_about_security# | ||
* [[thinking_about_security# | * [[thinking_about_security# | ||
* [[thinking_about_security# | * [[thinking_about_security# | ||
+ | |||
+ | ====Be realistic, and think about client experience ==== | ||
+ | |||
+ | Security is important. So is client experience. | ||
+ | |||
+ | Some security controls are appropriate for highly confidential information, | ||
+ | |||
+ | There comes a point at which providing security makes it more difficult for the client to work with you, contrary to their best interests. | ||
====You are never going to be “perfectly secure”==== | ====You are never going to be “perfectly secure”==== | ||
Line 13: | Line 21: | ||
What's important is that you are adequately protected against the realistic risks facing you. | What's important is that you are adequately protected against the realistic risks facing you. | ||
- | ====Be realistic, and think about client experience ==== | ||
- | Security is important. So is client experience. | ||
- | |||
- | Some security controls are appropriate for highly confidential information, | ||
- | |||
- | There comes a point at which providing security makes it more difficult for the client to work with you, contrary to their best interests. | ||
====Talk to your clients ==== | ====Talk to your clients ==== | ||
Line 25: | Line 27: | ||
If your clients are themselves experts, consider letting them take the lead. | If your clients are themselves experts, consider letting them take the lead. | ||
- | If you are for a very tech-savvy client, who you know uses encryption for some communications, | + | If you act for a tech-aware client, who you know uses encryption for some communications, |
- | Likewise, if they send encrypted attachments, | + | Likewise, if they send encrypted attachments, |
- | (You might always want to //offer// encrypted communications, | + | (You might always want to //offer// encrypted communications, |
====Security is ongoing==== | ====Security is ongoing==== |
thinking_about_security.txt · Last modified: 2021/07/06 09:26 by 127.0.0.1