![]() This isn't hiring an auditor or consultant to recommend better security practices but more like a team of world-class detectives, investigators, and forensicists to figure out exactly what happened and how, what they might have done or taken, if they still have or could regain access, and, potentially, ideas as to who or what the culprits may be and what their objectives were. Security incident response is a very specialized role that the vast majority of not only ordinary tech companies but also security tech companies can't necessarily be expected to do entirely on their own in the event of suspicion of a serious breach. you gain a ton of utility and resiliencyĪs someone who used KeePass for more than 10 years until recently, I can honestly say that it was a massive reduction of utility and had no resiliency benefits. ![]() "A little extra work" that is beyond the skills of the vast majority of users. If you lose your key, the file in the cloud becomes useless. This is literally how LastPass and 1Password handle it. > even if I wanted to use somebody else's servers to do that a properly encrypted file with a very strong password could be safely stored anywhere > I keep a password database on the company network with all my work passwords and I have no need to keep a copy of those credentials on a bunch of my personal devices or cloud servers. You can't just dismiss cloud syncing of passwords because you are the edge case who doesn't need it. Yeah, again: all of this is great for you, but it doesn't change the fact that you are a very, very niche case.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |