Then the other day at our Sale had a conversation with one of the companies that they ( Sale ) believe lidom. And this is my spodviglo to this post.
Preamble:.
This production company. They have a production, they produce something. The name does not say - it still does not tell anyone. Number of users - around 120. IT Manager - an advanced guy, but new to the company. His task - to make all of the mind, beginning with the centralization of infrastructure, AD, mail, etc. Dr.. Money is not natural. Well, that is, there are some, but not enough so that all.
outpatient:.
The first conversation with the director of IT leads to optimistic thoughts about rare in our time understanding and acceptance of SaaS services actually. And in general, so it was. But after some time it turned out that our chances are small due to the fact that the company said: ' You would not give a stranger your ISP e-mail! '.
Total: we are in a stupor, and I 'm writing this post.
Analysis of the situation:.
That is what happens: a small -sized Ukrainian industrial company, which is roughly at the moment to survive, is going to protect their data. Well, no, that is, it is certainly commendable. Protect your data - that's right! .
BUT.
These people ( the bosses of the company) seriously believe that if the 'server' (intentionally quoted ) will stand them in the office (read - the secretary under the desk or in a room with a flimsy door which graze the rest iron on virtualke the admin, etc. Dr.. ), Their data is NO, NEVER, UNDER NO CIRCUMSTANCES does not carry off.
They just BELIEVE. They were so relaxed.
Now let's analyze the situation calmly.
First, there are several hundred relatively light, and a countless number of complex ways of obtaining data of interest, from computer theft or bribery of staff and ending with cool hatskingom. And every normal person is clear - there is no absolute protection.
Second, at the aforesaid company is objectively no money for it, how to ensure that at least some decent level of data protection. Privacy - is a science, and a good defense - it is expensive.
Third, there are many details of this company? . Let's be honest - they cost several thousand dollars that will be required to pay off a particularly corrosive test. In other words bosses are not afraid of that information gets to the competitors, but the fact that it gets into the organs.
Fourth, if the company will come masked men, on the basis of the first and second paragraphs may conclude that they will not have a chance that data will not get ' where necessary '. I repeat - NO ONE. Would remove the server, passwords will learn to drive dump will be taken. No, but of course there are legends that some firms in the nineties and early two thousandth had specially trained people who were sitting in the back bezvylazno and in case of danger pressed the right button. And as a result - all you need (or rather do not need ) to know strangers - erased. But it also costs money in the first place. And secondly, does not guarantee against risk - at a large company, the complete destruction of the data difficult to achieve and something you can still get (Incidentally, this moment - a good topic for future discussion).
Total:.
People believe that the information in a safe until it is physically located next door.
People do not believe that companies that have invested a lot of money in infrastructure and data protection does not sell this information to the left or ' where necessary '.
The conclusion is a bit pathetic.
We fight with myths, and thereby create our own reality, which in time will also be a myth. Today we are trying to convince customers that store data in the cloud - it is safer than on your own server. And I 'm sure we 're right. Tomorrow our children will try to convince customers that the data is stored somewhere in the fifth dimension by using the quantum probability ekzabaytovye storage is more secure than those unreliable, full of buzzing iron, the so-called ' clouds '. And they too will be convinced of the correctness.
Just not much to break away from reality. Neither in that nor in the other direction along the time axis. Then there is the opportunity to reduce their risks. Do not remove - but lower.
P. S. I 'll write more about what it's all over:).
Комментариев нет:
Отправить комментарий