The Security Mentor

If you hire someone like me, take it in stride if your office doesn't look like something out of James Bond when I'm done.

There are some security measures that not enough people pay attention to, and I'll certainly let you know about those, but sometimes a problem just isn't worth "solving".

Someone I hadn't run into before, Darryl Burling, has an insightful and profound article about security in a mobile phone payment system (mobile wallet). In a nutshell, there aren't many security precautions at all in the system he talks about. But, the risk is low since the target customers keep tight control over their cellphones, the payment system can be turned off if the phone is reported stolen, and the maximum transfer is $125/day anyhow.

Sometimes your security consultant may tell you something just is not worth the effort to protect.

But beware of jumping to conclusions. What if someone figures out a way to impersonate any cellphone they choose and writes a program to drain the payment accounts of all the cellphones in the system? That is worth some real effort to prevent.