If you're only talking about classified systems, sure. But it didn't sound to me like we were only talking exclusively about those kind of systems. On Wed, Oct 10, 2018 at 11:08 AM Naslund, Steve <snasl...@medline.com> wrote: > > Remember we are talking about classified intelligence systems and large IT > organization infrastructure (Google, Yahoo, Apple) here (in the original > Supermicro post). > > That would be information whose unauthorized disclosure would cause grave or > exceptional grave harm (definition of secret and top secret) to the National > Security of the United States. Seems like that warrants a default deny all > (which is DoD and NSA policy). I would argue that ANY datacenter server > should be protected that way unless it is intended to be publicly accessible. > > Steven Naslund > > > >To be fair, the idea that your security costs shouldn't outweigh > >potential harm really shouldn't be controversial. You don't spend a > >billion dollars to protect a million dollars worth of product. > > > >That's hardly trolling.
-- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
