Viewing a single comment thread. View all comments

hombrent t1_j266uod wrote

Yeah, but you don't need to configure it well. You just need to document that you have it, and that only authorized people can configure it.


Oh yeah. And you need to write a policy that says that you need to have it.


discgman t1_j26h6oa wrote

We also did a security audit paid for by state funding