An untested control is not a control, it’s a wish.

I’m not the kind of person who trusts technology or controls.  It’s just not in me.

But I do trust my wife’s intuition.

So when I saw this youtube video, forwarded to me by my friend Joe Cychosz, I was not surprised to find that my wife’s instinctive distrust of hotel room safes ends up being based in reality.

The worst kind of security is the false sense of security.  It’s why we audit.  It’s why controls MUST be tested before we can truly count on them.  It’s why even the best of security postures is still a weak security posture.

And it is why we must cast a net when we recycle our vendor management program.  Vendors we would normally not think of exposing us to risk can, in this case, surprise us!

And it’s why my wife and I won’t put her jewelry in the hotel room safe.

Original youtube video by Funzfeverz
See the youtube here.

This is a “Dan’s New Leaf” post.  Dan’s New Leaf is a fun blog attempting to inspire thought in the area of technology risk management.