Re: Controls are ineffective without user cooperation

[Dave Dennis <dmd () speakeasy org>]

Tell them that every time they click on that thing, it costs $1000
to disinfect the LAN and keep the firewall up to date.

Caveat: have yet to actually try this approach, but seems like it would
have a chance at least.

+-------------------------
+ Dave Dennis
+ Seattle, WA
+ dmd () speakeasy org
+ http://www.dmdennis.com
+-------------------------

On Fri, 16 Jul 2004, Christopher L. Morrow wrote:

> On Fri, 16 Jul 2004, Sean Donelan wrote:
>
> > Donn S. Parker pointed out controls are ineffective without user
> > cooperation.
> >
> > According to an AT&T sponsored survey, 78% of executives admitted to
> > opening attachments from unknown senders in the last year, 29% used their
> > own name or birthday as a "secure" password, 17% accessed the company
> > network in a public place and didn't log out, 9% informally shared
> > a network password with someone outside of the company.
>
> surprised? if you don't teach the baby the consequences then they continue
> to behave badly. I suppose it IS a little bit tough to tell the executive:
> "Bad Exec!! NO COOKIE!!!" or the equivalent in execu-speak :(
>
> > http://www.att.com/news/item/0,1847,13137,00.html
> >
> > The survey included relatively few people, 254 executives from Europe,
> > North America ans Asia-Pacific regions.