http://itknowledgeexchange.techtarget.com/security-bytes/users-may-be-the-weakest-link-but-its-not-their-fault/ A SearchSecurity.com blog Sat, 28 Nov 2009 05:14:17 +0000 http://wordpress.org/?v=2.6.2 http://itknowledgeexchange.techtarget.com/security-bytes/users-may-be-the-weakest-link-but-its-not-their-fault/#comment-534 SecMusings » Blog Archive » Don’t blame the user Tue, 17 Jun 2008 01:32:37 +0000 http://security.blogs.techtarget.com/2008/06/03/users-may-be-the-weakest-link-but-its-not-their-fault/#comment-534 [...] There was an interesting post on the Security Bytes blog, reminding us that while many attacks are based on user susceptibility, it’s short sighted to just blame the users. While many of us have favorite nasty acronyms to describe our users, in fact, the fact that their behavior enables many cyber attacks is as much our fault as theirs. In many cases, the users have had insufficient training and awareness to know that their behavior is unwise. It is up to us as technologists and security professionals to educate our users. [...] [...] There was an interesting post on the Security Bytes blog, reminding us that while many attacks are based on user susceptibility, it’s short sighted to just blame the users. While many of us have favorite nasty acronyms to describe our users, in fact, the fact that their behavior enables many cyber attacks is as much our fault as theirs. In many cases, the users have had insufficient training and awareness to know that their behavior is unwise. It is up to us as technologists and security professionals to educate our users. [...]

]]> http://itknowledgeexchange.techtarget.com/security-bytes/users-may-be-the-weakest-link-but-its-not-their-fault/#comment-533 Andy Mon, 16 Jun 2008 23:19:56 +0000 http://security.blogs.techtarget.com/2008/06/03/users-may-be-the-weakest-link-but-its-not-their-fault/#comment-533 The lack of awareness is compounded by the use of a platform that often has ordinary users surfing the web using a login with administrative rights. This isn't entirely the fault of the administrators of their workstations. There is a lot of Windows software out there that breaks if you lock down the user's account. I've seen serious attempts at building a secure, unprivileged desktop build get stalled over this issue. The lack of awareness is compounded by the use of a platform that often has ordinary users surfing the web using a login with administrative rights. This isn’t entirely the fault of the administrators of their workstations. There is a lot of Windows software out there that breaks if you lock down the user’s account. I’ve seen serious attempts at building a secure, unprivileged desktop build get stalled over this issue.

]]> http://itknowledgeexchange.techtarget.com/security-bytes/users-may-be-the-weakest-link-but-its-not-their-fault/#comment-532 John Mon, 16 Jun 2008 17:29:47 +0000 http://security.blogs.techtarget.com/2008/06/03/users-may-be-the-weakest-link-but-its-not-their-fault/#comment-532 I think this problem will always exist. Unless an organization changes the corporate culture. Has any tried to sit down with executives to teach them about secruity? They just dont care. I think when an organization has programs for new hirres, and strict security awarness programs, that are mandotory. Then you may start to see results. Futhermore, you need accountability. Without it security is useless I think this problem will always exist. Unless an organization changes the corporate culture. Has any tried to sit down with executives to teach them about secruity? They just dont care. I think when an organization has programs for new hirres, and strict security awarness programs, that are mandotory. Then you may start to see results. Futhermore, you need accountability. Without it security is useless

]]>