Here's an excellent (as always) article by Bruce Schneier on the process of thinking about security. "Security is a process, not a product. Products provide some protection, but the only way to effectively do business in an insecure world . . .
Here's an excellent (as always) article by Bruce Schneier on the process of thinking about security. "Security is a process, not a product. Products provide some protection, but the only way to effectively do business in an insecure world is to put processes in place that recognize the inherent insecurity in the products. The trick is to reduce your risk of exposure regardless of the products or patches." It ends with a list of things to keep in mind when you're the one responsible for security in your organization.