How do you evaluate whether a security protocol is appropriate for a given product or deployment at AT&T?