Become a fan of Slashdot on Facebook


Forgot your password?
Slashdot Deals: Cyber Monday Sale! Courses ranging from coding to project management - all eLearning deals 25% off with coupon code "CYBERMONDAY25". ×

Comment Re:IT people get security wrong (Score 1) 260

Mind you that failing an audit can have catastrophic consequences. With regards to SOX:

"Non compliance penalties range from the loss of exchange listing, loss of D&O insurance to multimillion dollar fines and imprisonment. It can result in a lack of investor confidence. A CEO or CFO who submits a wrong certification is subject to a fine up to $1 million and imprisonment for up to ten years. If the wrong certification was submitted 'willfully', the fine can be increased up to $5 million and the prison term can be increased up to twenty years." (taken from

With regard to PCI, it can be something like "What a shame, you can't do business anymore!"

Not to say that the policy in question was appropriate or in any way properly matched to the requirement, but if that extraneous middle manager five levels up doesn't get his audits in order, that nice pile of money that pays the salaries of those "working-class saps" might well end up vanishing in a heartbeat.

Comment People are surprised? (Score 1) 334

Holy crap, guys, you mean that constantly archiving every minute detail of my life activities/social networks/purchase decisions on services that have no obligation to protect any semblance of my privacy and, in fact, end up owning the data that I am perpetually shoveling into them might be a bad idea???

More seriously, people need to start considering the ramifications of all the data they give away for free. It's not necessarily always a bad thing to do, but the corporations aren't going to be the ones to put user privacy above profit/obligation.

Ocean: A body of water occupying about two-thirds of a world made for man -- who has no gills. -- Ambrose Bierce