Differences

This shows you the differences between two versions of the page.

--- thinking_about_security [2019/08/15 19:33] – neil
+++ thinking_about_security [2019/08/15 19:37] – neil
@@ Line 1: / Line 1: @@
 =====Thinking about security=====
 ====Key points:====
-  * [[thinking_about_security#You are never going to be “perfectly secure”|You are never going to be “perfectly secure”]]
   * [[thinking_about_security#Be realistic, and think about client experience|Be realistic, and think about client experience]]
+  * [[thinking_about_security#You are never going to be “perfectly secure”|You are never going to be “perfectly secure”]]
   * [[thinking_about_security#Talk to your clients|Talk to your clients]]
   * [[thinking_about_security#Security is ongoing|Security is ongoing]]
+====Be realistic, and think about client experience ====
+Security is important. So is client experience.
+Some security controls are appropriate for highly confidential information, but some are less appropriate for less confidential information — the likelihood of harm, or the severity of the harm, does not justify the intrusion or inconvenience.
+There comes a point at which providing security makes it more difficult for the client to work with you, contrary to their best interests.
 ====You are never going to be “perfectly secure”====
@@ Line 13: / Line 21: @@
 What's important is that you are adequately protected against the realistic risks facing you.
-====Be realistic, and think about client experience ====
-Security is important. So is client experience.
-Some security controls are appropriate for highly confidential information, but some are less appropriate for less confidential information — the likelihood of harm, or the severity of the harm, does not justify the intrusion or inconvenience.
-There comes a point at which providing security makes it more difficult for the client to work with you, contrary to their best interests.
 ====Talk to your clients ====