by sbrown12 3188 days ago
Hiya Kevin. I wrote that Inc article. I feel you. How many times have you seen one (or all of these)...

- credentials shared across teams
- database credentials stored in plain text config files
- unsecured MongoDB clusters

I used to think that none of this stuff would change until people were held accountable. Imagine if a data breach at work meant that I had to pay a fine so steep that I had to declare personal bankruptcy...bet that might get people's attention, but I doubt there's the political will to pass laws like that.

Instead, I've spent my time trying to tackle it from the other end of incentives: how do we make security tools easier to adopt than the alternative? The SSO guys have done a great job, but there's plenty more to do.

*Full disclosure, I founded a data security company