User Tools

Site Tools


thinking_about_security

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
thinking_about_security [2019/08/15 20:33]
neil
thinking_about_security [2019/08/15 20:37] (current)
neil
Line 1: Line 1:
 =====Thinking about security===== =====Thinking about security=====
 ====Key points:==== ====Key points:====
-  * [[thinking_about_security#​You are never going to be “perfectly secure”|You are never going to be “perfectly secure”]] 
   * [[thinking_about_security#​Be realistic, and think about client experience|Be realistic, and think about client experience]]   * [[thinking_about_security#​Be realistic, and think about client experience|Be realistic, and think about client experience]]
 +  * [[thinking_about_security#​You are never going to be “perfectly secure”|You are never going to be “perfectly secure”]]
   * [[thinking_about_security#​Talk to your clients|Talk to your clients]]   * [[thinking_about_security#​Talk to your clients|Talk to your clients]]
   * [[thinking_about_security#​Security is ongoing|Security is ongoing]]   * [[thinking_about_security#​Security is ongoing|Security is ongoing]]
 +
 +====Be realistic, and think about client experience ====
 +
 +Security is important. So is client experience.
 +
 +Some security controls are appropriate for highly confidential information,​ but some are less appropriate for less confidential information — the likelihood of harm, or the severity of the harm, does not justify the intrusion or inconvenience. ​
 +
 +There comes a point at which providing security makes it more difficult for the client to work with you, contrary to their best interests.
  
 ====You are never going to be “perfectly secure”==== ====You are never going to be “perfectly secure”====
Line 13: Line 21:
 What's important is that you are adequately protected against the realistic risks facing you. What's important is that you are adequately protected against the realistic risks facing you.
  
-====Be realistic, and think about client experience ==== 
  
-Security is important. So is client experience. 
- 
-Some security controls are appropriate for highly confidential information,​ but some are less appropriate for less confidential information — the likelihood of harm, or the severity of the harm, does not justify the intrusion or inconvenience. ​ 
- 
-There comes a point at which providing security makes it more difficult for the client to work with you, contrary to their best interests. 
  
 ====Talk to your clients ==== ====Talk to your clients ====
thinking_about_security.txt · Last modified: 2019/08/15 20:37 by neil