On 16 Dec 2014, at 1:42, Mike Hoskins (michoski) wrote:
You can acknowledge things aren't a panacea, while still deriving some benefits from them.
My point is that the negatives far outweigh the benefits in most organizations.
Monitoring/analytics (intelligence) is key, so the operator can intelligently control flows across their services based on risks and observed threats.
Yes, I'm a big advocate of this - but it's honored more in the breach than in the observance, all in all.
Concentrating on telemetry and analytics, and in the people to utilize same, makes a lot more sense than concentrating on software diversity, in most organizations. Worrying about software diversity is something to do after you've done just about everything else you can to improve your security posture.
----------------------------------- Roland Dobbins <rdobb...@arbor.net> _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
