Controls are ineffective without user cooperation

• Previous message (by thread): Controls are ineffective without user cooperation
• Next message (by thread): Two industry forums plan to merge
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

...and security, access-controls, etc. have to have a transparency
and ease-of-use factor such that legitimate users don't actively
attempt to bypass it themselves. :-)

- ferg

-- Sean Donelan <sean at donelan.com> wrote:

Donn S. Parker pointed out controls are ineffective without user
cooperation.

According to an AT&T sponsored survey, 78% of executives admitted to
opening attachments from unknown senders in the last year, 29% used their
own name or birthday as a "secure" password, 17% accessed the company
network in a public place and didn't log out, 9% informally shared
a network password with someone outside of the company.

http://www.att.com/news/item/0,1847,13137,00.html

The survey included relatively few people, 254 executives from Europe,
North America ans Asia-Pacific regions.

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg at netzero.net or
 fergdawg at sbcglobal.net

• Previous message (by thread): Controls are ineffective without user cooperation
• Next message (by thread): Two industry forums plan to merge
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]