Secure Coding mailing list archives

Re: Protecting users from their own actions


From: "Kenneth R. van Wyk" <Ken () KRvW com>
Date: Wed, 07 Jul 2004 14:28:48 +0100


Wall, Kevin wrote:


Isn't this something that users probably shouldn't be given a choice
on? Normally I would think that corporate security policy dictates
keeping the AV software / signatures up-to-date as well as dictating
the (personal) firewall configurations. Some centrally administered
software should do these things...

I agree that central administration works best in today's corporate 
environments, but I was referring also to the more general desktop 
environments as well, right down to the home and SOHO users that 
have to install and/or update their own.


Aside from that issue, though, the primary point that I wanted to get 
across is that there are substantial limitations to what we can 
accomplish through user education.  I believe that our 
software -- from enterprise app servers through desktop emailers 
and browsers -- needs to do better at protecting users, even 
when they make decisions that we would think to be unwise.


Cheers,

Ken van Wyk




