Archive for August, 2009

DNA evidence (posted by Fabien Villard)

Often people ask me why I don’t like the use of DNA and other biological markers as identities. My answer can be expressed in two points: Biometric data cannot be repudiated. If your biometrics are compromised you cannot change them like you can do when your personal certificate (or password) is compromised. Biometric data are [...]

Security is a strategic concern (posted by Fabien Villard)

Here is an interesting point of view on security business today from an IBM Security Strategist: Among the eight points some are tightly related to enterprise strategy and enterprise architecture. Points 2, 6 and 7 focus on external concerns, regulations and security product vendors, but  others may be summarized like this: what do I [...]

Bruce Schneier on Risk Intuition (posted by Fabien Villard)

Here is a very good post of security guru Bruce Schneier on how we as individuals are good at evaluating risks: We often hear that people do not follow rules because they do not understand risks and Schneier shows us that the error is to forget that we do not live in a world [...]

Get out of the immaturity model (part 2) (posted by Fabien Villard)

[Part 1] Here are some points to focus on to try to get out of the immaturity model. Some are obvious. Some may sound like weird ideas. But do not underestimate culture: obvious points may not be obvious for everyone and weird things may well be weird only for those who see them for the [...]

Get out of the immaturity model (part 1) (posted by Fabien Villard)

“IT is a young discipline” syndrome For as long as I have worked in IT I have heard this dogmatic explanation. It is used for all sorts of issues ranging from hardware failures to heavily bugged software including huge and astonishingly complex IT solutions without strong relations with business problems. Each time, the maturity idea [...]