Is it possible to have good kharma in information security – when you’re trying to keep the bad guys off your network (firewall, IPS) and keep the good suff inside (data loss prevention) and maintain good internal security (network surveillance)?
I got a Powerpoint slide show in the email this morning from my friend Jeff Green, who plays baritone sax, and sits next to me in the JP Big Band. It’s one of those chain letters that suggest that if you forward it to 15 people or more,  your life will improve drastically and everything you ever dreamed of will begin to take shape. OK – I am against chain letters in principle in the Internet since it is a form of spam but  I am not opposed to words of wisdom from the Dalai Lama – especially if it applies to the kind of work I do – customer data security:

• Learn the rules so you know how to break them properly. ( This is relevant for protecting digital assets – a client of mine once told me that he doesn’t mind if they steal his business plans, since he’s already 2 years ahead of the competition in a blue ocean of his own)
• When you realize you’ve made a mistake, take immediate steps to correct it. (Good idea for an network security manager – if you find a bug in the firewall, or a user sending the entire employee contact list to a private gmail account – best to take immediate corrective action)
• Spend some time alone every day. (My solution is getting on my bike and riding – I wish I could do it every day…)

If you still want the Powerpoint slide show – you can download it here: Good Kharma