> I can't fathom why anyone competent would want to implement this Compliance. Big ...

dcminter • last Wednesday at 10:16 AM • 3 replies • view on HN

> I can't fathom why anyone competent would want to implement this

Compliance. Big financial orgs. and the like must show that they are doing something about "data loss" and this, sadly, is the easiest way to do that.

There's money in it if you can show them a better way.

Replies

musicale • yesterday at 5:45 AM

> Compliance

With anti-security policies that: break TLS, thwart certificate pinning, encourage users to ignore certificate errors, expand the attack surface, increase data leak risks, etc. All while wasting resources and money.

Zscaler and its ilk have conned the IT world. Much like Crowdstrike did before it broke the airlines.

Not to mention:

> We only use data or metadata that does not contain customer or personal data for AI model training.

How reassuring.

https://www.zscaler.com/blogs/company-news/zscalers-commitme...

crote • yesterday at 10:27 AM

Big emphasis on the "show you're doing something" part: actually being effective isn't a requirement.

alt Hacker News

Replies