The flipside of Occam’s razor

“‘[E]ntities must not be multiplied beyond necessity.’” Per Wikipedia, September 17, 2014. A principle variously stated, generally along the lines that the simplest explanation is preferred over the more complex one.

“Insurance Site’s Frailties Detailed,” Wall Street Journal, September 17, 2014, A4. Report on a study by the GAO on security weaknesses of HealthCare.gov.

HealthCare.gov is an amalgamation of a bunch of other sites, with multiple connections and numerous contractors, rather than a single site, built from scratch. “Many of the problems stemmed from … disagreements about security roles and responsibilities with the various contractors, states and federal agencies that exchange information ….”

Are your information systems unnecessarily complex? Are they too complex to secure against attack? Is there a simpler solution?


Filed under Board, Business Case, Compliance, Controls, Interconnections, Internal controls, IT, Oversight, Risk, Security
