Re: I'm with Gene

Ira S. Winkler (winkler@c3i.saic.com)
Mon, 26 Feb 96 11:37:34 EST

I agree with almost everything that was said by Steve Smith, with the exception
that I do not think you should stress policies to users.  You should stress
Procedures, and why the procedures are important.  All too often I see security
presented as "It is important to protect information, and if you don't you will
be fired."

I prefer to see awareness programs say things like "check for access badges and
challenge people that don't belong there," or "do not give out your password for
any reason to anyone."  This is as opposed to "you are required to wear your
badge" or "protecting your password is important."

It is a fine line, but it makes a difference.  Awareness briefings and policies
tend to say that protecting information is important, without providing
practical examples of how to do it.