Elwin Loomis

Outhouses and Fort Knox


"This isn’t Fort Knox. This is an Outhouse, it is where sh*t gets done. You secure Fort Knox differently than an Outhouse, for example in an Outhouse the locks are in the inside. "

How I would often address the question of security in regards to RAD's (http://bit.ly/2CPBHl5) work.

In a past post, http://bit.ly/2Ob6WbV I describe a model where experiences orbit around a center of Channels, Data & Platform. The more you approach the center, the closer you get to Fort Knox. The edge are your ‘Outhouses’.

Approaching security as Risk vs Control and architecting in layers can allow one to have their cake (secured data) and eat it (ability to rapidly create, iterate on digital & physical experiences) too.

This isn’t necessarily easy; when creating experiences, teams have to carefully consider exactly what they need to fulfill their vision. In many cases you don’t need to ‘know’ exactly who the user is, when knowing enough about them (their digital shadow) can be enough. Developers need to understand techniques of anonymizing, encrypting, hashing etc. Sometimes sitting a member of your info security team into a product team can make all the difference.

A company should have several outhouses, but one Fort Knox.

Original Linkedin Post: http://bit.ly/2p2bl5y