Re: Spaf did not receive your email (was Re: Job Descriptions)

[Randy Marchany <marchany () VT EDU>]

> But, it means that I have to have my virus patterns updated very often (which
> happens automatically), and we also have Antigen from Sybari on our
> Exchange servers, so 99.9% of the emailed viruses never make it to my
> desktop.

So do we but I have copies of Trojan programs that still pass through AV
filters undetected. We should never forget the trojan threat. That's why I
fear the Office attachments.

I have long said that users need to get a "Network Drivers License" before
they get on the net. Nothing fancy, just basic awareness and good practices.
The DMV model proves that a highly complicated piece of technology (a car) can
be used safely by the general populace once they pass a "driving" test. Why
not do the same for people who use computers? There are car freaks who can't
resist twiddling under the hood and there are people who just want the thing
to start and get them to where they're going. Same with computers. Everyone
knows to lock their car, keep the keys in a safe place, be careful who you
lend the car to and yes, get the occasional speeding ticket. Why not the same
for computers?
Yeah, people drive w/o licenses, the net shouldn't be regulated (I've heard
all of this before) but the CONCEPT of raising user awareness before use isn't
that hard to grasp. We're spending too much time on the details of security
and ignoring user education. Let's take a lesson from the DMV.

Just my .02.

        Randy Marchany
        VA Tech IT Security Lab
        VA Tech Computing Center
        Blacksburg, VA 24060
        540-231-9523
        marchany () vt edu
        http://security.vt.edu

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/.