Error 404--Not Found
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.5 404 Not Found
The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent.
If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address.
Consultant Tom Patterson gained international experience in network security during his career with KPMG Consulting, Deloitte & Touche and as chief strategist for e-commerce at IBM. He sums up his worldview in a book entitled “Mapping Security: The Corporate Security Sourcebook for Today’s Global Economy,” a guide to rolling out network operations in Asia, North America, Latin America and Europe. Patterson recently spoke with me about his book.
Q. China is a country in expansion and a lot of companies will want to set up offices there if they haven’t already. In your book, you discuss a few points worth knowing about networking in China, such as the government’s support for IP v.6 and restrictions on encryption.
A. In China telecommunications and ISPs follow the government’s guidance, they don’t have independence in that regard. China decided as a country to get behind IP v.6, which they expect to have ubiquitously by the 2008 Olympics. IP v.6 gives you a limitless supply of IP addresses whereas we have run out in IP v.4. It’s harder to hide with an IP v.6 address. IP v.6 is going into mobile devices, which is true in Japan, too. This is going to make it easier to have devices interconnected. Instead of a big firewall, there will be tiny firewalls built into components.
Q. There seem to be restrictions on using encryption in China.
A. In China, Saudi Arabia and France, you have to agree to give the encryption keys to the authorities or agree to only use 40-bit encryption. In France, though, there’s only been highly selective enforcement of this.
Q. You take on controversial issues in your book in describing how cultural attitudes, including those regarding gender, impact daily business. What are the best and worst places in terms of gender equality you have seen?
A. For complete equity in gender, I’d have to say it’s the United Kingdom and China. The Middle East has historically had a big separation of duties where there was “man’s work” and “women’s work.” But one impact of this is that it held back use of computing in the Middle East because typing was a “women’s job.” Because computing was associated with women, the result was that it held back networking there. When it comes to Europe, it’s harder for women to get a good executive job.
Q. Your book goes into some detail why U.S.-oriented firms in particular have to overcome parochial notions about how things are done and instead rely more on local experts to run security in global operations.
A. We suffer from a “not invented here” syndrome. For any company trying to go global, understanding the culture where you are is critical. There’s a myth that you can manage without speaking the local language.
Q. What are the most successful companies you’ve seen in terms of running security-minded global operations?
A. The oil companies have been successful in global security, including physical and disaster recovery. They’re further ahead than the banks
Q. You make the point that regulations are so complex and sometimes contradictory around the world, the challenge for the security manager is balancing them all in a global operation.
A. The data privacy laws vary, for example. In California, you have the data privacy law for reporting security breaches but in France, you have a different data privacy law with the European Union directive -- for instance, where you have to back up your data in your home office.
Q. What are some of the biggest problems facing security managers anywhere?
A. The chief security officers (CSO) say ‘I know what I have to do, I can’t get the budget.’ The chief information officer (CIO) says “We’ve got the money, we don’t know what to do.’ The chief financial officers, and others, don’t participate. That’s the biggest problem.
Post a comment