1. 23
  1. 6

    So many of these orgs are going to be the ones least equipped to do the incident response. Situations like this are what I think about whenever somebody makes a proposal along the lines of “what if everybody had a small server in their home with all their data?”

    1. 5

      WordPress is in a very similar situation. A lot of servers running the software, with many of the server admins having less than desirable expertise. They mitigate the danger of a zero-day exploit via automatic security updates. On the other hand, then you could have something like the SolarWinds hack. If you put all the data into one central server with an elite team of admins monitoring it, then you still have a single point of failure. I guess there is no perfectly secure solution out there. I mean, basically every large organization, tech or non-tech, had a security incident in the past. IT security is not solved yet, I wonder if it will be someday :)

      1. 2

        > IT security is not solved yet, I wonder if it will be someday :)

        Security in general is not solved yet. The problem itself is extremely tough: make something somewhat easily accessible to a small group while not accessible to the rest of the world.

      2. 1

        Monocultures are apparently always fragile. Users better have various implementations of the same standard.