Your Policies Can Hurt You, Part 2: Overzealous Policies Can Create Breach-Prone Environments
Early on in my information security career I was auditing a firm that conducted complex economic analyses for their clients. They processed a lot of personal information and they wanted to be sure they were applying appropriate controls to safeguard that information. Part of their business model was to charge their clients per hour for […]