[talk] "death of IT"

steve.b at osfda.org steve.b at osfda.org
Sun Mar 29 14:49:05 EDT 2020


I  would call it the diminishment of IT. I actually envisaged the 
current empowerment and participation of employees in company's tech 
decades ago; but, like technology (except when monopolies are 
involved...), it's not so much a death, but re-purposing and change. 
IS+IT were all-powerful, it was not a consideration you could use your 
own keyboard back then; OK, so we have a greater diversity of accepted 
hardware standards, and employees can pick+choose now. The fight now is 
over network access: often if someone has a token authenticator for 
access to the company network, IT dictates the operating system, apps, 
and network software that an employee may use in conjunction with it (to 
blow off those stipulations is to risk getting fired; to sweeten the 
deal, companies configure laptops with the approved mix -providing 
equipment also serves as a moat against intellectual property claims in 
some instances...)

If more apps migrate to web-based, then that will be less of an issue.
But as we correspond, the Internet creaks because of Covid...

On 3/29/2020 12:15 PM, James E Keenan wrote:
> On 3/29/20 10:16 AM, Brian Callahan wrote:
>>
> [snip]
>
>>>
>>> Futher, per ISO 27002 who will:
>>>
>>>   - create and enforce segregation of duties?
>>>   - create, deliver, and track information security awareness and
>>>     training?
>>>   - track assets?
>>>   - manage access rights?
>>>   - ensure cryptographic keys are competently managed?
>>>   - enforce secure disposal or re-use of equipment?
>>>   - manage installation of software on operational systems?
>>>   - create, monitor, and enforce network controls?
>>>   - perform system acceptance testing?
>>>   - monitor supplier relationships?
>>>   - assess, respond, and remediate information security 
>>> vulnerabilities?
>>>   - create, test, and actually perform business continuity in the event
>>>     of a disaster (or a pandemic)?
>>>   - ensure the protection of your privacy and personal information?
>>>
>>>
>>
>> Wish my Infosec students were on this list--we covered ISO 27002 on 
>> Thursday! Great stuff Jim.
>> I often end up teaching a lot of these skills indirectly in my 
>> programming courses because they are so crucial.
>>
>
> One of the limitations of being almost completely self-taught as a 
> programmer is that I never learned any of the stuff on that list.
>
> jimk
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org:8080/mailman/listinfo/talk



More information about the talk mailing list