I was filling out the order for 5 more AuthAnvil Tokens tonight and I’ve determined that I must have a warped value sense. It all started with a conversation with someone with a sick server. The client had suffered a crash of the server and didn’t call in the consultant to take a look at it until a week later. Now I’m not 100% sure of the reasons that he shoved that service call until later, just too busy, not a good time, whatever, but regardless, by the time the consultant got to that server, the guy with the trumpet was warming up for playing taps shortly.
My firm and I depend way too much on technology to be making decisions based on “later”. “I’ll get around to it”. The decisions you make in the heat of the emergency are always harsher lessons than the planned ones. If I had been in charge of that down server, we would have had the consultant onsite on the very first day of the emergency. Not days later when the diagnostic logs are now so messy with events that the initial time frame of the log has fallen off the event log and you can’t tell which service is failing because of another service failed that it depended on.
So tonight as I’m filling out the order form for more tokens, I’m just amazed at how cheap they are. Passwords are such our achilles heel in business and your goal should be to get to a place such that your User name/domain name can be spray painted on a billboard on a highway and it wouldn’t matter because by the time someone would crack the authentication means you set up to that server, you’d be dead and wouldn’t care and the hacker would be dead as well.
I didn’t just say that because Dana is a friend, or anything like that. It’s a plain fact that his 5 token starter pack is DIRT CHEAP for a two factor authentication package to add to a server that in my office pays the salaries of the firm. Seriously. If the power goes out and the server is down, we CANNOT work. Thus when every single person in the office’s food, shelter, livelihood depends on a stable and secured system, ensuring that we’ve done what we can to ensure that the foundational means to authenticate to that system are way better than PASSWORD on a post it note stuck to the monitor, I just think is something all of us that are the caretakers of client data need to take responsibility for.
Those of us who have a fiduiciary responsibility to client data have said “later” way too much.