Wednesday, March 20, 2013

Boeing puts 787 battery through tough tests it once avoided

Okay, so nothing security related here. Except that in many an occasion, I have seen companies and people producing security documents and not respecting them.

In the Boeing case, the firm wrote a series of tests to match recommendations made by the RTCA, but it seems that for a number of reasons they decided against running the Boeing 787 batteries against these, ending in the situation we know: two batteries overheated in a plane and most of the 787 aircraft were stranded until the problem has been sorted, costing millions of US dollars around the world.

Back to security: several regulations require policies to exist and be enforced. However, it is common to see a company with security policies and find dozens of violations after a day of investigation. It results a false sentiment of security, with people claiming that they are secure due to the policies, but not realizing that systemic violations of said policies are actually equivalent to not having any policy at all. That lack of respect and enforcement has, more than a few times, led to serious data breaches.