Emphatically, no, it isn’t. But now that we have your attention, is that even the right question? Probably not. Your security can never truly be “too good”; conversely, neither can it be “too poor,” though it is possible to have “bad” security (more on that in a moment). If security is addressed in binary modes, there is a good chance the apparatus has been designed in isolation from other functions and processes.
If you have a problem with your security, it’s not that it’s “too good”. Rather, the issue likely lies with your risk management plan. Therefore, the “right” question is: Is your security apparatus aligned with your operational needs, risk tolerances and business resources?
“Remember That Time When…?”
Almost every person reading this article has run into an information security technical challenge. The challenge could have come during onboarding and setting up accounts, such as an authentication step failing. Or it may have come during a device switch where some management system prevented new hardware from accessing resources.
There is always a reason — usually a good one — for a security hiccup, but that hiccup takes valuable time from other business needs. Sometimes, luck intervenes and a quick call to the help desk resolves it. Other times, your device ends up bricked and it is workaround-city until the new kit arrives.
We all have a story. And if you are in the information and cybersecurity spaces, the reasoning behind the security measures causing the issues can be easy to defend. But CISOs and other security and information officers have different interests from other users who just want to get their ..
Support the originator by clicking the read the rest link below.
