"Outsourcing" - I do not think that word means what you think it means
Outsourcing != Off-Shoring
Sure, you have to be careful with sending your data to other countries, especially where your home nation doesn't have legal extradition. But don't paint the whole idea of outsourcing with that brush...
You are absolutely right - creative people who recognize problems and solutions should be allowed to operate. If you need to drive change in a business, you need to look to the creative people to do it, regardless of where they live in the building." *You are describing an individual, not the IT Dept.* If you see those potentials, then work with the business owners to improve the service delivery, OR make people understand that there are additional business/market requirements to be met. Remember that we're talking about the IT department as a service entity. If there isn't a mechanism to do that easily in the company, then help the business with that as well. A "suggestions" box if you will.
I perform process/system improvement internal to my own company frequently, so I do know what you are describing. "Spoken like a true consultant" sounds like you've been frustrated as a creative, out side the box thinker before; that sucks if its the case. I certainly understand why you might think I would have the "consultant" mentality. I just think if you are a person with the solution, you have to take that information to people with decision making power and money, or you end up not helping your business, which ultimately should be the goal.
Regardless, best of luck to you in your own business:-).
No problem - I do this all day long and I *still* talk to the card brands for clarification sometimes. FYI - you again can share mainframe space with other companies (think airlines, travel companies, etc) - everyone in the chain must be compliant and have contractual language to state that they are compliant. If you want to discuss further I'm happy to chat about it at greater length in another forum. Let me know.
Some additional information that might be interesting even though slightly off-topic...
A company can't really "move away from PCI" as the cardbrands can require compliance as long as you use their system to process payments. I suppose you could go to cash only, or set up a PO / Accounts receivable system, but most businesses aren't willing to give up CC transactions.
I perform consulting services for fortune 500 companies; I see an amazing amount of businesses where IT drives the business, instead of business driving IT decisions i.e "tail wagging the dog".
GOOD business leadership determines the needs of the business and the market, defines and delivers a set of service requirements, and then works with IT to buy/build system(s) to deliver the required services. (On time and budget is a whole 'nother story) If IT is failing to deliver, then its poor management of the business and and IT dept that is in the wrong place in the decision making cycle.
I'm a QSA (PCI authorized auditor), and have done several PCI audits over the last year. I disagree with your statement; you can outsource whatever you like as long as you have the proper contractual language and the outsourcer takes appropriate action/care with the data. I have submitted multiple Reports On Compliance in which the business utilized outsourcing and had the report accepted by the card brands. Same thing for shared systems - its all a matter of doing so in the proper manner.
Heh. Callous management. You should check out Snakes in Suits (http://www.amazon.com/Snakes-Suits-When-Psychopaths-Work/dp/0061147893/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1196375725&sr=8-1) - its about psychopaths in management. Apparently they are ~3 times as common in executive as in the population at large...
I'm a QDSP (VISA PCI certified assessor - been through VISA requirements training). Yes, you have to notify those who have been effected - as for how - snail mail. After all, they HAVE your info...
"A 'pacifist male' is a contradiction in terms. Most self-described 'pacifists' are not pacific; they simply assume false colors. When the wind changes, they hoist the Jolly Roger."
Search Google for some guys who have hacked an MCX connector onto one of these for external (dierctional) antennas. I know of at least two groups/pages...one is mentioned in the forums on the metageek site.
I wote a review for labratmagazine.com last month, and I did review the OS X third party software...which is MUCH nicer than the stock stuff. Reg required, but its a decent review. As for picking up Bluetooth....it picked up my headset just fine.
Zoloft is the f*&king devil and is extremely habit forming, not to mention that it destroys your liver and your immune system
Maybe you aren't trolling, so I'll simply say that not everyone has your experiences - perhaps you could provide linkage instead of flaming anecdotes?
I *CAN* say that my grandmother - a lifelong depressive - was treated with Zoloft beginning in her late sixties (75 now) and is IMMENSELY better off today because of it. She's a happier, more engaged person who takes MUCH better care of herself. Her immune system is fine, and her liver function is apparently OK - no complaints and her checkups are normal. She's careful about mixing alcohol w/ it; I believe that this is on the warning label. As for the addiction...maybe? I don't think she cares given the huge improvement in quality of life.
Slashdot Mirror
WARNING PDF go http://bt.ins.com/WorkArea/linkit.aspx?LinkIdentifier=id&ItemID=2665 to view
I also did an interview @ DarkReading.com http://www.darkreading.com/document.asp?doc_id=151382&WT.svl=news1_1 about the survey.
DISCLAIMER: I work for BT, but the survey is pretty unbiased IMHO.
comment first?
Mech Warriors?
Monkey overlords?
I give up.
Could be because +5 creepy seems like a common M.O around here ;-)
FYI - maybe an F-15? Don't recall that the 14 had air-to-ground capability...
:-D
and yes...WAY nitpicky. It's just that I liked the rest of the post
"Outsourcing" - I do not think that word means what you think it means
Outsourcing != Off-Shoring
Sure, you have to be careful with sending your data to other countries, especially where your home nation doesn't have legal extradition. But don't paint the whole idea of outsourcing with that brush...
A payment gateway might take a % of each transaction they process on your behalf (think PayPal)...1% of 5 billion transactions can add up fast.
Payment Card Industry https://www.pcisecuritystandards.org/ - Data handling standards for CC data.
I perform process/system improvement internal to my own company frequently, so I do know what you are describing. "Spoken like a true consultant" sounds like you've been frustrated as a creative, out side the box thinker before; that sucks if its the case. I certainly understand why you might think I would have the "consultant" mentality. I just think if you are a person with the solution, you have to take that information to people with decision making power and money, or you end up not helping your business, which ultimately should be the goal.
Regardless, best of luck to you in your own business :-).
No problem - I do this all day long and I *still* talk to the card brands for clarification sometimes. FYI - you again can share mainframe space with other companies (think airlines, travel companies, etc) - everyone in the chain must be compliant and have contractual language to state that they are compliant. If you want to discuss further I'm happy to chat about it at greater length in another forum. Let me know.
Your point is correct.
Some additional information that might be interesting even though slightly off-topic...
A company can't really "move away from PCI" as the cardbrands can require compliance as long as you use their system to process payments. I suppose you could go to cash only, or set up a PO / Accounts receivable system, but most businesses aren't willing to give up CC transactions.
Yep. I'm a QSA, and you are correct. Blanket statements like the parent are why /. shouldn't be used for advice.
GOOD business leadership determines the needs of the business and the market, defines and delivers a set of service requirements, and then works with IT to buy/build system(s) to deliver the required services. (On time and budget is a whole 'nother story) If IT is failing to deliver, then its poor management of the business and and IT dept that is in the wrong place in the decision making cycle.
I'm a QSA (PCI authorized auditor), and have done several PCI audits over the last year. I disagree with your statement; you can outsource whatever you like as long as you have the proper contractual language and the outsourcer takes appropriate action/care with the data. I have submitted multiple Reports On Compliance in which the business utilized outsourcing and had the report accepted by the card brands. Same thing for shared systems - its all a matter of doing so in the proper manner.
Its the new tape device Native Uniform Linear Loader /dev/null
Heh. Callous management. You should check out Snakes in Suits (http://www.amazon.com/Snakes-Suits-When-Psychopaths-Work/dp/0061147893/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1196375725&sr=8-1) - its about psychopaths in management. Apparently they are ~3 times as common in executive as in the population at large...
Nope...wasn't me. I certed about a month ago. If you have other questions let me know.
I'm a QDSP (VISA PCI certified assessor - been through VISA requirements training). Yes, you have to notify those who have been effected - as for how - snail mail. After all, they HAVE your info...
foundational thinking behind DRM (or CRAP if you like)...
Consumers
Really
Are
Pirates
Yep - from their POV CRAP sounds about right...
I do not think that word means what you think it means...
--Inigo Montoya
Heinlein said once, thru Lazarus Long -
"A 'pacifist male' is a contradiction in terms. Most self-described 'pacifists' are not pacific; they simply assume false colors. When the wind changes, they hoist the Jolly Roger."
Somehow that rings a chord with me...
Sniff on a switch with DSNIFF.
Search Google for some guys who have hacked an MCX connector onto one of these for external (dierctional) antennas. I know of at least two groups/pages...one is mentioned in the forums on the metageek site.
I wote a review for labratmagazine.com last month, and I did review the OS X third party software...which is MUCH nicer than the stock stuff. Reg required, but its a decent review. As for picking up Bluetooth....it picked up my headset just fine.
MmmmKayyy!
Maybe you aren't trolling, so I'll simply say that not everyone has your experiences - perhaps you could provide linkage instead of flaming anecdotes?
I *CAN* say that my grandmother - a lifelong depressive - was treated with Zoloft beginning in her late sixties (75 now) and is IMMENSELY better off today because of it. She's a happier, more engaged person who takes MUCH better care of herself. Her immune system is fine, and her liver function is apparently OK - no complaints and her checkups are normal. She's careful about mixing alcohol w/ it; I believe that this is on the warning label. As for the addiction...maybe? I don't think she cares given the huge improvement in quality of life.
My $.02.