A hole in the sidewalk

There's a book, A Hole in the Sidewalk I read a while back.  It is about recovery and just NOT repeatedly stepping into the same hole.  There is a little wishful thinking in the book but it has some good thoughts simply expressed.

This memory brought to you by Solar Winds.  I ran an IT support company for a dozen years and as my focus moved from residential to business I realized that I could not afford to hire the people required to support businesses in the manner they needed and deserved.  Businesses tend to either ignore security or think it should be cheap.  This syndrome is due to the fact they are using one of the most complex systems and processes in the world as the basis for their business and don't understand or want to understand them.  We have someone to do that.

Turns out our government works the same way.  But for the cheap part.  We continue the Reagan era outsourcing to our great companies.  I was taught in the Navy that one can delegate responsibility but not accountability.  We're just outsourcing both.

I used a competing product that did exactly what Solar Winds did which is provide all the complex back end support that I could not afford to employ.  When an IT person works on your system, they have complete control.  That should only be your internal tech.  He or she gives out partial, very controlled, access to outside entities for specific roles.  But that takes a lot of effort and costs money to do it right.  So nearly every company just rolls the dice and opens their systems or pays for less knowledgeable employees to do the critical security work.

At one point I looked at Solar Winds.  The company was (and apparently still is) arrogant.  They just seemed off to me.  I finally asked on a tech forum about them and the response was, "Stay with what you have and learn it.  None of these guys are any better [Solar Winds has half a dozen competitors one of whom I was using at the time]".  That was some of the best advice I ever received.  I ran from Solar Winds.

There will be a couple of years of hearings about the Solar Winds debacle and it will cost the U.S. billions of dollars and should result in a lot of people getting fired and the end of Solar Winds who has known there was a problem for about nine months now.  

And we are now at war on another front.  At least we're transitioning away from an administration that is nearly performing sexual acts on the leader of the country who has been attacking us for the past year or so and to an administration that will attack back.  

This will get ugly and we likely will never know what is going on.  You know, security.  But the hole is still in the sidewalk unless/until we decide to grow the group from within to fix it.


