Educause Security Discussion mailing list archives
Re: Are users right in rejecting security advice?
From: Allison Dolan <adolan () MIT EDU>
Date: Wed, 17 Mar 2010 08:17:09 -0400
Extract from another article re: security awareness: "...If you can successfully educate users to not accidentally install malware, you'll immediately eliminate the biggest risk in your environment. Of course, this is easier said than done. The hackers know this and count on it..." ......Allison Dolan (617-252-1461) On Mar 17, 2010, at 4:18 AM, Russell Fulton wrote:
Part of my daily mantra is that "Security must work for the end user". If it does not then they will find ways around it and may well create far worse problems that the ones we were trying to fix. What I mean by 'work' is that the extra effort involved must be seen as matched to the threat as perceived by the user. If it isn't you have two options, you can adopt different strategy to mitigate the threat that has less impact on the user or you can educate the user to change their perception of the threat. Both are perfectly valid approaches.
Current thread:
- Are users right in rejecting security advice? Allison Dolan (Mar 16)
- <Possible follow-ups>
- Re: Are users right in rejecting security advice? Mclaughlin, Kevin (mclaugkl) (Mar 16)
- Re: Are users right in rejecting security advice? Stanclift, Michael (Mar 16)
- Re: Are users right in rejecting security advice? Allison Dolan (Mar 16)
- Re: Are users right in rejecting security advice? Russell Fulton (Mar 17)
- Re: Are users right in rejecting security advice? Valdis Kletnieks (Mar 17)
- Re: Are users right in rejecting security advice? Allison Dolan (Mar 17)
- Re: Are users right in rejecting security advice? Mclaughlin, Kevin (mclaugkl) (Mar 17)
- Re: Are users right in rejecting security advice? Valdis Kletnieks (Mar 17)
- Re: Are users right in rejecting security advice? Vik Solem (Mar 17)
- Re: Are users right in rejecting security advice? Mclaughlin, Kevin (mclaugkl) (Mar 17)
- Re: Are users right in rejecting security advice? Joe St Sauver (Mar 17)
- Re: Are users right in rejecting security advice? Perloff, Jim (Mar 17)
- Re: Are users right in rejecting security advice? Brad Judy (Mar 17)
- Re: Are users right in rejecting security advice? David Escalante (Mar 17)
- Re: Are users right in rejecting security advice? Mclaughlin, Kevin (mclaugkl) (Mar 17)
- Re: Are users right in rejecting security advice? Michael Van Norman (Mar 17)
(Thread continues...)