I have also followed Mitchell closely as he has been going through his grieving process and I thank the technology that makes it possible. Death is a tough situation for anyone - especially those of us who are too far away to lend local support. And as the father of a 5 and 8 year old, I can't imagine what Ernie's child (or children, I didn't know him) would be going through. God bless him and his family and may they find peace someday soon...

Wow, I never thought I'd see this day! Good luck, Alan! You deserve it!

I agree with HCC. Too many people make the assumption that the data will not be used maliciously. But the real point is, the data on that USB stick is THEIR responsibility - regardless of the outcome.

On another point, regardless of how you treat the end user, they will find ways around current stopgap measures. And security folks can't really make it too difficult in the first place, given executive management cares more about getting business done than protecting bits and pieces of data (for the most part). Only when a breach hits the press is when they tend to change their tune.

As it states in the description, it's only a measure of one point in time - like all compliance mandates. However, this is not an easy nor cheap certification to achieve. If you're concerned about your data or app being hosted somewhere then this is a great sign that the hoster/data center has a good process in place for protecting the host. But it's only a start - the rest is still up to the owner of the data/app (i.e. you can still have a breach on a server that's in a SAS70 Type II environment if you don't have other measures in place to secure it).

I had heard that ProCurve did away with the lifetime warranty thing earlier this year...

I had thought the intent of the SBN was to have a collection of security-centric blogs in one place and not necessarily corporate blogs. Maybe the solution would be to have a corporate blogs-focused SBN?

That being said, it's kind of hard to differentiate at times. E.g. Shimel's blog does at times mention his company's products, but for the most part it's about plenty of other stuff. Having a blog just to pimp your company doesn't seem very effective - I would think doing PR's and using a Twitter account to point to them would be enough.

Shouldn't their DLP (Reconnex) have prevented this? ;-)

Congratulations, Jake!

What Mike said. Besides, I can't stand the touchscreen for typing - what a nuisance. Love my qwerty!

I think maybe Twitter is a great source for more targeted advertising. With everyone twittering their complaints and thoughts about products (along with the usual twitter-banter) companies have a potential for targeting new customers. I read a story not long ago where a company (Time Warner, I think) had a team monitoring Twitter for complaints on new services, so they could reach out and correct them.