Hacker News new | ask | show | jobs
by enraged_camel 2559 days ago
I have never come across a compliance policy that people didn't hate.

Compliance, almost by definition, needs to make people's job harder, or create extra work. Because people are lazy, and they tend to go for the path of least resistance, and those are not good things in the context of safety and security.
1 comments
MrMorden 2558 days ago
Compliance is a tool. It's used to enable security iff the C-suite want to use it that way; otherwise, it's just another meaningless metric.
link