| Your solution of "write your own" is fraught with so many problems. Why not write your own OS? Then you can control the vulns! Why not design your own hardware? You can secure the hardware comms channels better. Why not invent your own coding language? You can ensure it's written with zero vulns. Why not invent a new base-30 numbering system? With out extra efforts, they can't even read your excel spreadsheets! Your solution works in a select few companies that have monster dev farms, but everyone else cannot implement this and it's silly to tout it as a solution. There are zero perfect solutions. The way we do this in the real world, is patch, read up on vulns that might affect us, monitor, control access, and audit. It's still not perfect, since nothing is, but in 30+ years of managing Healthcare IT and being senior technical, I've had exactly 1 breach and she did it with pencil and paper, at an HIS workstation, who's job is to look at many medical records, daily. Your Mileage Will Vary. |