Sunday, November 22, 2009

Low Barometric Pressure

So why do doors on meeting rooms open inwards?

Barometric Pressure as people meeting for reasons of wanting to be in the loop, basically moving their heads from side to side scanning the room like the clown game in a side show and adding the same value.

Progressively stealing oxygen from the room, and the longer it happens without someone saying "Why are we here? What is the outcome? Who owns the next step?", the less oxygen is left at the end.

Now think about what would happen if the door opened outward. The low pressure would suck the door against the jamb, sealing it shut, and people outside would have no way to open it.

Conversely, if the door opens inward, the pressure may be so great that the door pops open on its own, saving the lives of all inside, or at least rescuers just need to turn the handle to let air in again as the door slams open under the strain.

A fast-thinking attendee could also pop the pins out of the hinges; this person of course would be killed by the door imploding toward them. They may see this as a merciful way to go. I think we just need to hold fewer meetings.

Thursday, November 19, 2009

Agencies SHOULD

I am rethinking how I would deal with elements of designs where a security control says agencies should...

I have been notionally sharing in the "agencies should = do what you want" reading, because that seems to be how some folk read the guidance.

But of course this is garbage, so today is the day where “agencies should” actually means "our risk assessment says...", at least when looking at my projects.

I'm thinking a few times it will really be "Computer says NO" or actually Agencies MUST.

Just thinking out loud

*** Update ***

To drive some context

“[–,IC-P,r] non-agency owned devices
6.8.9. Agencies should not allow devices not directly owned and controlled by the agency to be used with their systems.”

Generally speaking, there are many people who see the use of home computers for remote access as the only real method of large-scale remote access, allowing for a remote workforce in times of emergency or pandemic. I would be concerned that this would quickly lead to “Bring your own computer” policies becoming more of a norm.

I would need serious convincing that BYO Computer is sensible, but remote access, on the other hand, I can see being a necessity in the short term.

So what would a risk assessment look like?
