nanog mailing list archives

Re: Controls are ineffective without user cooperation

From: "Fergie (Paul Ferguson)" <fergdawg () netzero net>
Date: Fri, 16 Jul 2004 13:18:34 GMT





...and security, access-controls, etc. have to have a transparency
and ease-of-use factor such that legitimate users don't actively
attempt to bypass it themselves. :-)

- ferg

-- Sean Donelan <sean () donelan com> wrote:

Donn S. Parker pointed out controls are ineffective without user
cooperation.

According to an AT&T sponsored survey, 78% of executives admitted to
opening attachments from unknown senders in the last year, 29% used their
own name or birthday as a "secure" password, 17% accessed the company
network in a public place and didn't log out, 9% informally shared
a network password with someone outside of the company.

http://www.att.com/news/item/0,1847,13137,00.html

The survey included relatively few people, 254 executives from Europe,
North America ans Asia-Pacific regions.

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or
 fergdawg () sbcglobal net

Current thread:

Controls are ineffective without user cooperation Sean Donelan (Jul 15)
- Re: Controls are ineffective without user cooperation Christopher L. Morrow (Jul 15)
  - Re: Controls are ineffective without user cooperation Dave Dennis (Jul 15)
    - Re: Controls are ineffective without user cooperation Christopher L. Morrow (Jul 15)
  - Re: Controls are ineffective without user cooperation Stephen J. Wilcox (Jul 17)
    - Re: Controls are ineffective without user cooperation Peter Galbavy (Jul 17)
    - Re: Controls are ineffective without user cooperation Patrick W Gilmore (Jul 17)
    - Re: Controls are ineffective without user cooperation Krzysztof Adamski (Jul 17)
- <Possible follow-ups>
- Re: Controls are ineffective without user cooperation Fergie (Paul Ferguson) (Jul 16)