Gartner Blog Network

Tag: 'policy' Blog Posts


Understanding "Why" Aids Policy Conformance

by Ben Tomhave  |  September 17, 2013

When it comes to writing, I'm a bit of a traditionalist (and, frankly, snob;). I like the Oxford comma and I'm particularly fond of using "e.g." and "i.e.". However, in...


For the Interns: The Duck Face (and a quick tip for posting to social media)

by Jenny Sussin  |  May 31, 2013

Music for today's reading: http://www.youtube.com/watch?v=LSfnopkT37I Another post in preparation for intern and I-need-to-find-a-job season...we bring you "the duck face..." You know what I mean you iPhone users, you MySpace reformers,...


On Nebulous Security Policies

by Anton Chuvakin  |  August 29, 2012

We interrupt our regular programming (on SIEM this quarter) in order to briefly talk about security policy. In particular, about unrealistic, crazy, unimplementable policies that nobody even intends to comply...


Do Your Lawyers Actually Know What the Law Is?

by Jay Heiser  |  June 20, 2012

It is only Wednesday, and already I’ve reviewed at least 3 different policies that require employees to obey applicable laws. This is not just self-evident—it’s a professional cop-out. Somebody doesn’t...


Has ‘you must obey the law’ ever actually worked?

by Jay Heiser  |  June 19, 2012

It’s not that I am categorically against the idea of law, but I am convinced that your typical corporate counsel is more motivated by personal convenience than by a sense...


You may not write down unmemorizable passwords

by Jay Heiser  |  April 19, 2012

I frequently see end user policies that contain the following two elements: "Passwords must be so complex that they cannot be guessed" and "Passwords may not be written down". This is...


It is against our policy to commit sabotage

by Jay Heiser  |  April 18, 2012

A significant number of enterprise IT policies include some sort of prohibition against the use of computer viruses, interference with the network, and other forms of deliberate harm. Is it...


We've all got spy cameras in our pocket

by Jay Heiser  |  February 27, 2012

Photographers have fond memories of the original spy camera, the Minox. Invented just before WWII, and reportedly seeing some small amount of action in that war, it became a spy...


Collective Punishment: SOPA and Protect-IP are Threats to NSTIC and Federated Identity

by Ian Glazer  |  January 10, 2012

As a technologist you’ve likely heard about the Stop Online Privacy Act (SOPA) or the Protect-IP Act. The intention of these bills, as described by SOPA, is “[t]o promote prosperity,...


The Peril of Parallel Passwords

by Jay Heiser  |  December 23, 2011

I've reviewed three different policies so far this month, all of which contained a similar requirement that users not write down their password. How counterproductive is that? It is...
