Of course a physically secure machine that is wide open to the internet is useless too. You need to balance this all...Originally Posted by 23meg
Practical security is a trade off between security, cost and usability.
CMW is very secure, is fairly expensive and is really nasty to have to use. The trade-off is not normally worth it.
Like everything else you need to decide how much you trust your users, how much you can put up with in the way of extra effort, and how much you can afford to spend on this. With a lot of money and a lot of extra effort you could put your computer in a vault with a security guard standing watch over your users... But is that reasonable.
Think of trade offs, decide what you want to accomplish (or legally have to with HIPAA and Sarbanes-Oxley) and then implement it.
Z.



Adv Reply





Bookmarks