[72525] in North American Network Operators' Group
Re: Controls are ineffective without user cooperation
daemon@ATHENA.MIT.EDU (Dave Dennis)
Fri Jul 16 01:37:23 2004
Date: Thu, 15 Jul 2004 22:36:53 -0700 (PDT)
From: Dave Dennis <dmd@speakeasy.org>
To: "Christopher L. Morrow" <christopher.morrow@mci.com>
Cc: Sean Donelan <sean@donelan.com>, nanog@merit.edu
In-Reply-To: <Pine.GSO.4.58.0407160527150.12790@sharpie.argfrp.us.uu.net>
Errors-To: owner-nanog-outgoing@merit.edu
Tell them that every time they click on that thing, it costs $1000
to disinfect the LAN and keep the firewall up to date.
Caveat: have yet to actually try this approach, but seems like it would
have a chance at least.
+-------------------------
+ Dave Dennis
+ Seattle, WA
+ dmd@speakeasy.org
+ http://www.dmdennis.com
+-------------------------
On Fri, 16 Jul 2004, Christopher L. Morrow wrote:
>
>
> On Fri, 16 Jul 2004, Sean Donelan wrote:
>
> >
> > Donn S. Parker pointed out controls are ineffective without user
> > cooperation.
> >
> > According to an AT&T sponsored survey, 78% of executives admitted to
> > opening attachments from unknown senders in the last year, 29% used their
> > own name or birthday as a "secure" password, 17% accessed the company
> > network in a public place and didn't log out, 9% informally shared
> > a network password with someone outside of the company.
>
> surprised? if you don't teach the baby the consequences then they continue
> to behave badly. I suppose it IS a little bit tough to tell the executive:
> "Bad Exec!! NO COOKIE!!!" or the equivalent in execu-speak :(
>
> >
> > http://www.att.com/news/item/0,1847,13137,00.html
> >
> > The survey included relatively few people, 254 executives from Europe,
> > North America ans Asia-Pacific regions.
> >
>
