13 pointsby ckrailo12 hours ago2 comments
  • amanaplanacanal8 hours ago
    Hard to know if this is a good decision or not. It could very well be that they had just built too much bureaucracy into the process and it needed to be stripped down a bit. Or, given the way things work now, it might just be that they couldn't contract with some of their cronies under the new rules.
    • firesteelrain7 hours ago
      It pauses the third party audit aspect. But if the contract requires NIST 800-171 compliance then nothing changes.
  • mikewarot8 hours ago
    It's really sad that they did the research and figured all this stuff out after VietNam, and proceeded to forget all of it, and go with fundamentally insecure infrastructure because it's what consumers chose.