Re: IT isn't Information Security
"IT's job is to connect and enable.
Security's job is to prevent unnecessary connections and disable dangerous capabilities."
I tend to think of security of the ratio of the ease with which the intended users can connect and be able to use the facilities to the ease of the bad guys to do the same. In other words it's not useful to lock the bad guys out by locking everyone out.
I can't see how this idea can be applied without making security, or at least IT security, part of IT. The security guard in reception is SEP, of course.
Biting the hand that feeds IT
