The author of the thread discussion must be working in an organization where strict compliance is a must have, like financial or credit card processing companies. Even MasterCard and VISA require their partners to comply to such requirements to be certified and graded accordingly as affiliate. However, considering Zak's expressed opinion on the matter, compliance is not a fail-safe measure against being hacked or defaced online, but it's a security blanket to setup an IT infrastructure that in itself is secured to some level. Whether it will fail or not is in the hands of the IT staff managing that infrastructure. As they say: a fool with a tool is still a fool. I once worked with a financial organization that's so compliant working was a bore since I can't immediately install or deploy software or changes that should be implemented. Last April 2012, they were hacked and sensitive information were stolen from them, their IT infrastructure compliance not withstanding.
On Wed, May 29, 2013 at 7:11 PM, Zak Elep <[email protected]> wrote: > On Wed, May 29, 2013 at 7:02 PM, [email protected] > <[email protected]> wrote: > > You know very well what you posted is personal opinion and won't make > sense > > to any high grade requirement like sox :-) > > Maybe. Most likely we're just dealing with different cases. I'm not > saying compliance is a bad thing, but there are the cases where you > can afford _not_ to comply. > > -- > Zak B. Elep || zakame.net > 1486 7957 454D E529 E4F1 F75E 5787 B1FD FA53 851D > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph >
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
