Controls are ineffective without user cooperation
Fergie (Paul Ferguson)
fergdawg at netzero.net
Fri Jul 16 13:18:34 UTC 2004
...and security, access-controls, etc. have to have a transparency
and ease-of-use factor such that legitimate users don't actively
attempt to bypass it themselves. :-)
- ferg
-- Sean Donelan <sean at donelan.com> wrote:
Donn S. Parker pointed out controls are ineffective without user
cooperation.
According to an AT&T sponsored survey, 78% of executives admitted to
opening attachments from unknown senders in the last year, 29% used their
own name or birthday as a "secure" password, 17% accessed the company
network in a public place and didn't log out, 9% informally shared
a network password with someone outside of the company.
http://www.att.com/news/item/0,1847,13137,00.html
The survey included relatively few people, 254 executives from Europe,
North America ans Asia-Pacific regions.
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg at netzero.net or
fergdawg at sbcglobal.net
More information about the NANOG
mailing list