Avoiding “Worst Practices,” or praying at “The Temple of Best Practices.”
Full Article at http://www.demop.com/WorstPractices.htm
The “Best Practices Mantra” annoys me.
I define “Best Practices” as practices validated by experience and common sense. Often the “common sense” component is entirely skipped and the “Best Practices Mantra” is used as an excuse for not thinking. That includes not thinking about what “Best Practices” actually means. A quick google reveals lots of “Best Practice” links and “Best Practice Institutes,” but none of them bother to define “Best Practices.” No one bothers to define the Bible or Koran either, but I would argue that they do not need to be defined, and are certainly not fads. The jury is out on “Best Practices” . . .
I was at a new client’s facility yesterday and when I asked about certain security practices and configurations, I often got the blanket statement “Best Practices” as an answer. It was clear in several cases that these alleged “Best Practices” either did NOT apply or were INCORRECTLY implemented. In both cases no one had used their common sense and had instead chosen to place their blind faith and prayers at the “Temple of Best Practices.”
Hence we kick off our Worst Practice series with:
Worst Practices in Best Practices
Practices to avoid like the plague!!!!
1) Assuming all Best Practices apply. Few Best Practices are universal.
2) Turning off your brain while implementing and using Best Practices. Nothing is foolproof, and you should always apply common sense.
3) Implementing Best Practices and thinking you are done. Nothing is static; that includes Best Practices.
4) Implementing Best Practices without avoiding Worst Practices. One major blunder can negate everything!