Tue, 19 Apr 2011
HBGary Open Letter - Air Gap
Our source code has always been air gapped from the Internet. The forensic
examination confirmed that software development servers and workstations
were not affected by the incident -- from HBGary
Anyone else find it hard to accept that none of the developers, testers, documentation writers or build people ever accessed source code from their Internet connected laptops / workstations? Especially considering the state of their other security measures.
Don't get me wrong, in some cases it's a sensible solution ( off-line key signing for example) but for entire teams working on a shared code base?
Like this post? - Digg Me! | Add to del.icio.us! | reddit this!
Posted: 2011/04/19 13:33 | /security | Permanent link to this entry | This entry and same date
Copyright © 2000-2010 Dean Wilson
