[SLUG] Legal Question about SCO

From: Robert Foxworth (rfoxwor1@tampabay.rr.com)
Date: Thu Dec 18 2003 - 23:15:49 EST


I was looking over my notes from the Biz2 expo today.
We had a packed-house theater for "Maddog" and his
excellent talk this afternoon.

But that's not the reason I am posting this.

Just before the Maddog talk was an interesrting
presentation, in the same theater, by Dr. Tim
McGuiness who spoke of privacy and security reqmts
that are in place now for businesses. GLB (Graham-
Leach-Bliley) and HIPAA [_not_ "HIPPA"] were
some of his topics. Real eye-openers for businesspeople.

One of several regulations in place is known as "SOX"
(Sarbanes-Oxley) which relates, according to my notes,
to integrity, security and best practices for data and
data repositories maintained by firms.

I wish I had thought ahead fast enough to ask him about
the recent SCO incident in which SCO claimed that
their "intranet" was subject to attack. This was
during the two recent DDOS attacks of the last few days.

The question I would have asked would have centered
around SCO's apparent liability in maintaining a network
architecture in which their "intranet", presumably housing
sensitive/company-confidential data, was allowed to be
subject to outside disruption, and under those conditions,
why they should not be heavily fined by the FTC for
"willful violation" of Sarbanes-Oxley.

Any lawyers out there with an opinion. Myself, IANAL.

Bob

-----------------------
Bob Foxworth
Tampa, Florida
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:46:42 EDT