Educause Security Discussion mailing list archives
End-user Caused Security Vulnerabilities
From: Eric Case <eric () ERICCASE COM>
Date: Thu, 12 Aug 2010 10:52:08 -0700
The University of Arizona MIS department is working on a Delphi Study of security vulnerabilities caused by end-users. Things like filling passwords in the rolodex under P or hiring a student to create a web form that emails the registration information, with credit card data, to the admin associate so she can enter the CC data on her point-of-sale terminal. Seriously, these are real-life examples. I am not making this stuff up. Their short survey of two main questions, what examples of end-user caused security vulnerabilities have you seen and what names would you use to categorize them, is at http://atrial.qualtrics.com/SE/?SID=SV_3C1uTD0YJ7izb0M. Please take a few minutes to share your experience with them. If you respond here, I will forward the info to them but cannot guarantee you will get the study results. -Eric Eric Case, CISSP eric (at) ericcase (dot) com http://www.linkedin.com/in/ericcase (520) 344-CISO (2476)
Attachment:
smime.p7s
Description:
Current thread:
- End-user Caused Security Vulnerabilities Eric Case (Aug 12)