Do employees care about secutity?

Discussion in 'Computer Security' started by Steve, Feb 20, 2006.

  1. Steve

    Steve Guest

    Excerpts from
    http://software.silicon.com/security/0,39024655,39156503,00.htm


    An experiment carried out in London revealed that employees in some of
    the city's best known financial services companies don't care about
    basic security policy.

    CDs were handed out to commuters, and recipients were told the disks
    contained a special Valentine's Day promotion. The CD packaging even
    contained a clear warning about installing third-party software and
    acting in breach of company acceptable use policies, but that didn't
    deter many individuals.

    Effectively the employees, by carrying the CD into the company and
    putting it straight into their PC, had by-passed much of their
    company's security.


    --

    Drawing on my fine command of the English language, I said nothing.

    ....Robert Benchley
    Steve, Feb 20, 2006
    #1
    1. Advertising

  2. Steve

    Todd H. Guest

    Steve <> writes:

    > Excerpts from
    > http://software.silicon.com/security/0,39024655,39156503,00.htm
    >
    >
    > An experiment carried out in London revealed that employees in some of
    > the city's best known financial services companies don't care about
    > basic security policy.
    >
    > CDs were handed out to commuters, and recipients were told the disks
    > contained a special Valentine's Day promotion. The CD packaging even
    > contained a clear warning about installing third-party software and
    > acting in breach of company acceptable use policies, but that didn't
    > deter many individuals.
    >
    > Effectively the employees, by carrying the CD into the company and
    > putting it straight into their PC, had by-passed much of their
    > company's security.


    In other words, confirmation of the long standing notion of the humans
    being the weakest link in the security chain.

    Unless policy is backed up with training and clear consequences for
    violating the policy, the topic is much too technical for more
    people to really fully appreciate.

    Best Regards,
    --
    Todd H.
    http://www.toddh.net/
    Todd H., Feb 20, 2006
    #2
    1. Advertising

  3. Steve

    Arthur T. Guest

    In Message-ID:<>,
    Steve <> wrote:

    >CDs were handed out to commuters, and recipients were told the disks
    >contained a special Valentine's Day promotion. The CD packaging even
    >contained a clear warning about installing third-party software and
    >acting in breach of company acceptable use policies, but that didn't
    >deter many individuals.


    The experiment may be new, but the results were foretold at
    least as far back as 1999. See, for instance:
    http://en.wikipedia.org/wiki/Dancing_pigs_(computer_security)

    --
    Arthur T. - ar23hur "at" speakeasy "dot" net
    Looking for a good MVS systems programmer position
    Arthur T., Feb 20, 2006
    #3
  4. Steve

    donnie Guest

    On Mon, 20 Feb 2006 07:41:14 -0800, Steve <> wrote:

    >Effectively the employees, by carrying the CD into the company and
    >putting it straight into their PC, had by-passed much of their
    >company's security.

    #############################################
    Was that story supposed to have a surprise ending?
    donnie, Feb 22, 2006
    #4
  5. Steve

    Steve Guest

    donnie <> wrote:
    >>Effectively the employees, by carrying the CD into the company and
    >>putting it straight into their PC, had by-passed much of their
    >>company's security.


    >Was that story supposed to have a surprise ending?


    The only surprise is that these financial institutions apparently
    still provide their employees hardware which allows them to install
    software.


    --

    When you are arguing with a fool,
    make sure he isn't doing the same thing.

    ....Unknown
    Steve, Feb 22, 2006
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Diane

    To Cisco Employees

    Diane, May 1, 2004, in forum: Cisco
    Replies:
    2
    Views:
    479
    Walter Roberson
    May 1, 2004
  2. =?Utf-8?B?am9yZGFu?=

    Microsoft Employees

    =?Utf-8?B?am9yZGFu?=, May 2, 2005, in forum: MCSD
    Replies:
    1
    Views:
    429
    Kline Sphere
    May 3, 2005
  3. Brat

    Met employees today

    Brat, Jan 28, 2004, in forum: MCSE
    Replies:
    35
    Views:
    1,178
  4. Thomas Lees

    Internet / Computer Secutity

    Thomas Lees, Jan 9, 2005, in forum: Computer Security
    Replies:
    10
    Views:
    1,570
    sh4d03
    Jan 11, 2005
  5. TPS Report
    Replies:
    2
    Views:
    475
    Cerebrus
    Oct 23, 2006
Loading...

Share This Page