The flipside of Occam’s razor

“‘[E]ntities must not be multiplied beyond necessity.’” Per Wikipedia, September 17, 2014. A principle variously stated, generally along the lines that the simplest explanation is preferred over the more complex one.

“Insurance Site’s Frailties Detailed,” Wall Street Journal, September 17, 2014, A4. Report on a study by the GAO on security weaknesses of is an amalgamation of a bunch of other sites, with multiple connections and numerous contractors, rather than a single site, built from scratch. “Many of the problems stemmed from … disagreements about security roles and responsibilities with the various contractors, states and federal agencies that exchange information ….”

Are your information systems unnecessarily complex?  Are they too complex to secure against attack? Is there a simpler solution?


Filed under Board, Business Case, Compliance, Controls, Interconnections, Internal controls, IT, Oversight, Risk, Security
