[72533] in North American Network Operators' Group
Re: Controls are ineffective without user cooperation
daemon@ATHENA.MIT.EDU (Fergie (Paul Ferguson))
Fri Jul 16 09:21:03 2004
From: "Fergie (Paul Ferguson)" <fergdawg@netzero.net>
Date: Fri, 16 Jul 2004 13:18:34 GMT
To: sean@donelan.com
Cc: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
...and security, access-controls, etc. have to have a transparency
and ease-of-use factor such that legitimate users don't actively
attempt to bypass it themselves. :-)
- ferg
-- Sean Donelan <sean@donelan.com> wrote:
Donn S. Parker pointed out controls are ineffective without user
cooperation.
According to an AT&T sponsored survey, 78% of executives admitted to
opening attachments from unknown senders in the last year, 29% used their
own name or birthday as a "secure" password, 17% accessed the company
network in a public place and didn't log out, 9% informally shared
a network password with someone outside of the company.
http://www.att.com/news/item/0,1847,13137,00.html
The survey included relatively few people, 254 executives from Europe,
North America ans Asia-Pacific regions.
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg@netzero.net or
fergdawg@sbcglobal.net