Firewall Wizards mailing list archives
RE: The home user problem returns
From: "Paul Melson" <pmelson () gmail com>
Date: Wed, 14 Sep 2005 17:03:02 -0400
-----Original Message----- Subject: Re: [fw-wiz] The home user problem returns
"Marcus J. Ranum" <mjr () ranum com> wrote:Pointless. If educating users was going to work, it would have worked by now. If Anna Kournikova worm and phishing hadn't gotten people to take this seriously years ago, they aren't going to next year, either.It may be pointless in home user space, but, IME, it's most definitely *not* pointless in the workplace. I regard end-user education as one of
my best
defenses. And it has worked for me.
This thread has really gotten me thinking about user training, mostly because it's something on my to-do list for the year and the timing is just about perfect. So I decided that I would be an optimist but also a pragmatist about this in my professional life and I've been doing a little bit of homework in the environment I currently work in. So here are my generalized observations: The first one is simple, and applies directly to what I quoted above. Anymore, the distinction between home users and business users is all but pointless thanks to cheap broadband, cheap laptops, and cheap VPN solutions. The brutal reality of that observation is that if this sounds like your environment, then your users' lousy security at home will translate into problems for your business network, or at least an important risk that you now have to manage. The second observation is based on data collected from my current employer's nifty ticketing system. After going through all of the spyware, IM, virus, worm, p2p, crapware tickets (roughly 60 in 2005) that have been fielded, the vast majority of them have a common thread. All of the systems affected are Windows XP, our standard desktop OS (though we've got a few dozen Linux and Mac desktops as well). No shock there, this dead horse has been beaten repeatedly in this thread alone. But the thing that turned a little light bulb on in my head was the fact that the vast majority of these users actually came from a minority segment of our user base - those people with local admin privileges. These people are typically analysts, developers, and so on - users with better than average technology savvy. I suspect that this is actually a two-pronged issue. The big, pointy prong being that if users can install software and modify the Registry and system file space, crapware can stick around. The second, more subtle prong being that these people have this access specifically so that they can use software that is "unsupported" by tech support staff - we've defined these users as our victim pool for crapware and worms not just at the OS level, but also at the business level. And I suspect that most organizations are in this same boat if they bother to take local admin away from desktop users at all. PaulM _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: The home user problem returns, (continued)
- RE: The home user problem returns Marcus J. Ranum (Sep 13)
- Re: The home user problem returns Mason Schmitt (Sep 14)
- Re: The home user problem returns R. DuFresne (Sep 13)
- Message not available
- Message not available
- Re: The home user problem returns mason (Sep 14)
- RE: The home user problem returns Paul Melson (Sep 22)
- Re: The home user problem returns Mason Schmitt (Sep 13)
- RE: The home user problem returns Paul Melson (Sep 13)
- Re: The home user problem returns Mason Schmitt (Sep 13)
- Re: The home user problem returns Jim Seymour (Sep 13)
- RE: The home user problem returns Tina Bird (Sep 14)
- RE: The home user problem returns Paul Melson (Sep 22)
- Message not available
- Re: The home user problem returns Mason Schmitt (Sep 12)
- RE: The home user problem returns Paul Melson (Sep 13)
- Re: The home user problem returns Mason Schmitt (Sep 13)
- Re: The home user problem returns Jim Seymour (Sep 13)
- RE: The home user problem returns Bill Royds (Sep 14)
- RE: The home user problem returns Jim Seymour (Sep 22)
- RE: The home user problem returns Brian Loe (Sep 22)
- Re: The home user problem returns R. DuFresne (Sep 13)
- Re: The home user problem returns Mason Schmitt (Sep 13)
- RE: The home user problem returns Tina Bird (Sep 13)