Comments on: New Best Practice: Think http://newschoolsecurity.com/2009/10/new-best-practice-think/ The Blog Inspired By The Book Tue, 07 Feb 2012 02:09:16 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Adrian Lane http://newschoolsecurity.com/2009/10/new-best-practice-think/#comment-588 Adrian Lane Thu, 03 Dec 2009 16:30:41 +0000 http://newschoolsecurity.com/?p=746#comment-588 What? I am too busy implementing best practices to take on any more requirements like 'Think'. Unless there is a compensating control for that, you'll just have to come back later. What? I am too busy implementing best practices to take on any more requirements like ‘Think’. Unless there is a compensating control for that, you’ll just have to come back later.

]]> By: Andrew Yeomans http://newschoolsecurity.com/2009/10/new-best-practice-think/#comment-385 Andrew Yeomans Thu, 15 Oct 2009 09:36:05 +0000 http://newschoolsecurity.com/?p=746#comment-385 My best practice: Use "effective practices" rather than so-called "best practices". Of course, you will need proof to declare one "effective". My best practice:
Use “effective practices” rather than so-called “best practices”.

Of course, you will need proof to declare one “effective”.

]]> By: Saso http://newschoolsecurity.com/2009/10/new-best-practice-think/#comment-384 Saso Wed, 14 Oct 2009 22:22:40 +0000 http://newschoolsecurity.com/?p=746#comment-384 Amen. Practice what you preach and advertise this best practice any chance you get: http://remogeneralstore.com/pages/popupSS.cfm?plu=1290&start_image=1 Yours wearing his red on black THINK t-shirt right now (casual Thursday for some reason), Saso Amen.

Practice what you preach and advertise this best practice any chance you get:
http://remogeneralstore.com/pages/popupSS.cfm?plu=1290&start_image=1

Yours wearing his red on black THINK t-shirt right now (casual Thursday for some reason),
Saso

]]> By: Russell http://newschoolsecurity.com/2009/10/new-best-practice-think/#comment-383 Russell Wed, 14 Oct 2009 17:46:27 +0000 http://newschoolsecurity.com/?p=746#comment-383 "Think", indeed! When I was at a Big 4 consulting firm, I learned to cringe when I heard "best practices" from either my co-workers or when it was requested by clients. I came to realize that there was no vetting process what so ever for any "best practices" and that it was nearly always sought as a substitute for thinking, as if to say "Why should we think about this when we can just borrow/steal the thoughts of other people." Plus, "best practices" give everyone involved a giant fig leaf to cover up their lack of insight, originality, or systematic understanding. It is especially attractive to upper management to cover up their lack of understanding of technical issues. “Think”, indeed!

When I was at a Big 4 consulting firm, I learned to cringe when I heard “best practices” from either my co-workers or when it was requested by clients. I came to realize that there was no vetting process what so ever for any “best practices” and that it was nearly always sought as a substitute for thinking, as if to say “Why should we think about this when we can just borrow/steal the thoughts of other people.”

Plus, “best practices” give everyone involved a giant fig leaf to cover up their lack of insight, originality, or systematic understanding. It is especially attractive to upper management to cover up their lack of understanding of technical issues.

]]> By: GenesysWave http://newschoolsecurity.com/2009/10/new-best-practice-think/#comment-382 GenesysWave Wed, 14 Oct 2009 17:14:01 +0000 http://newschoolsecurity.com/?p=746#comment-382 My fav: IT is always best practice to use best practices Yes, let's use what everyone else is doing because everyone else is doing it. Best practice find what is required for your environment and follow nickerson's advice DO! My fav:
IT is always best practice to use best practices

Yes, let’s use what everyone else is doing because everyone else is doing it. Best practice find what is required for your environment and follow nickerson’s advice DO!

]]> By: nickerson http://newschoolsecurity.com/2009/10/new-best-practice-think/#comment-381 nickerson Wed, 14 Oct 2009 17:01:18 +0000 http://newschoolsecurity.com/?p=746#comment-381 how about DO! All these people in security (consultants and practitioners alike) talk,talk,talk.... but rarely ever do. Screw best practice... got out and DO something. how about
DO!

All these people in security (consultants and practitioners alike) talk,talk,talk…. but rarely ever do. Screw best practice… got out and DO something.

]]> By: Kyle Maxwell http://newschoolsecurity.com/2009/10/new-best-practice-think/#comment-380 Kyle Maxwell Wed, 14 Oct 2009 16:44:11 +0000 http://newschoolsecurity.com/?p=746#comment-380 Preach on. Preach on.

]]> By: alex http://newschoolsecurity.com/2009/10/new-best-practice-think/#comment-379 alex Wed, 14 Oct 2009 16:31:25 +0000 http://newschoolsecurity.com/?p=746#comment-379 Feel? Feel?

]]>