Follow

Securing web sites, hypocrisy 

IT services manager has been hounding me about improving the security headers for the library & archives sites for which I'm responsible. Okay, I've got them up to a B and B+ according to observatory.mozilla.org/ (cool tool, BTW!)

Then I checked the sites IT is responsible for:
Uni main site: C+
Uni intranet (students): D-
Uni intranet (faculty/staff): F
Uni course / finance portal: F

They have a *team* for this shit. Why is he bugging me?

Securing web sites, hypocrisy 

@dbs because the team is clearly incompetent?

Securing web sites, hypocrisy 

@draeath Hah! Yeah maybe the IT manager can claim credit in his annual report for increasing the security of a subset of uni web sites thanks to my work. Clearly not happening with his own sites.

re: Securing web sites, hypocrisy 

@dbs A department entrenched with the administration pesters other departments to do the work they won't...

My guess is scapegoating for the sake of protecting themselves.

re: Securing web sites, hypocrisy 

@victoria Could be!

Of course I did ask why their own sites were faring so poorly, because I'm irksome that way. No real reply.

re: Securing web sites, hypocrisy 

@dbs as you say, hypocrisy. They likely don't care about "security", more like they want to avoid having to do unnecessary work.

I speak from specific experience, of course.
Sign in to participate in the conversation
code4lib.social

code4lib.social is a GLAM-themed Mastodon Instance.