I’d argue that field-level encryption should be a starting place for new application development, and in particular field-level encryption with distinct keys for each entity you might contract with (e.g. each business for a business-to-business product, each user for a consumer product).
A brief rant on converging compliance regimes.
- Elisa Baniassad and Alexander Summers have this great paper [Refram...from Hillel Wayne
- The **Therac-25** was a computer-controlled [radiation therapy](htt...from wikipedia.org
- Poka-yoke is another Japanese method, this one invented by Shigeo S...from Don Norman
- the Toyota Production System. Among its many key principles is a ph...from Don Norman
- Forcing functions are the extreme case of strong constraints that c...from Don Norman
- insights from the seven stages of action lead us to seven fundament...from Don Norman
- These are qualities of a good system that we should strive to fulfi...from Josh Beckman
- For large-scale software *systems*, Van Roy believes we need to emb...from Adrian Colyer