Re: Are users right in rejecting security advice?

[Kevin Wilcox <wilcoxkm () APPSTATE EDU>]

On 18 March 2010 13:58, John Ladwig <John.Ladwig () csu mnscu edu> wrote:

> You missed one crucial piece of context when quoting:
>
> "Imagine the relative ease in defending your viewing of an employee’s
> Facebook page if you have this consent in hand:"
>
> The consent blurb you quote is hypothetical, and I don't think it's a
> good idea, nor likely to get past HR or Counsel review (in consultation
> with InfoSec), I'd hope.

Sadly it has in a couple of places (and is gaining popularity outside
of the US).

For example, Bozeman, Montana,

http://abcnews.go.com/Technology/JobClub/Story?id=7879939&page=2

I've been looking for a reference to a similar incident here in North
Carolina that I saw near the end of last year but my search has been
fruitless.

As to why I chose to not quote the "imagine the relative ease ... this
consent in hand", it was implying that it was a good idea. I had been
enjoying the article but at that point I really had to scratch my head
and wonder exactly what the author was up to. As I stated in my
follow-up, the article in its entirety was a good one and hit the nail
squarely on the head - what are the differences between what employers
expect and what employees expect, and how can we bring those two ideas
together - but for it to suggest, or imply, that this may be a good
idea...yes, I laughed.

kmw

-- 
Kevin Wilcox
Network Infrastructure and Control Systems
Appalachian State University
Email: wilcoxkm () appstate edu
Office: 828.262.6259