Failing when trying to reach a client
Mar 17th, 2015 by Jesper Kråkhede
I do take pride in my skills in communicating all aspects of security but sometimes even I fail. I met with a lawyer recently that was employed at one of my clients. They had a problem with German legislation demanding that they were able to prove that the protection deployed on the laptops were sufficient for protecting personal data. When discussing with him I utterly failed to communicate that there needs to be a security baseline that is followed and that using hard drive encryption on all laptops is not enough when 30% of the employees where domain administrators. At least the CSO understood what I meant.