undefined | Better HN

0 pointsams61109y ago0 comments

Private sector will always take the lowest cost option. The market will not give a shit until they start losing real money (edit: or going to jail).

0 comments

1 comments · 1 top-level

nickpsecurity9y ago

Not true. Private sector blows money on bullshit all the time. That's that lucrative, enterprise market you hear about. They'll sometimes spend extra for quality or availability. Stratus Computers and HP NonStop come to mind. Orreck vacuums haha.

They just usually won't do it for security. So, you have to sell high-security as part of some other product with benefits they want that justifies the expense. Security appliances were my obvious choice. Sentinel HYRDA, Secure64 DNS, Sirrix TrustedDesktop, & Samsung KNOX are all examples where they try to sell something useful to businesses with extra assurance embedded in there. I also thought a database or ERP package might pull it off. Subsidize the TCB development at least since enterprises expect the exhorbitant licensing. Shit, make it run PostgresSQL underneath with your "database" just being the front-end on a high-security appliance. ;) Funny enough, I used to design and build stuff like that via Seaview & LDV architectures.

https://www.acsa-admin.org/secshelf/book001/19.pdf

j / k navigate · click thread line to collapse