Re: I'm with Gene

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Michel Lavondes: "Re: Sniffer Detection"
• Previous message: Steve Neruda: "Re: Sniffer Detection"
• Maybe in reply to: owner-ids@uow.edu.au: "I'm with Gene"
• Next in thread: Kare Presttun: "Re: I'm with Gene"

Ira S. Winkler wrote:
> 
> I agree with almost everything that was said by Steve Smith, with the exceptio
n
> that I do not think you should stress policies to users.  You should stress
> Procedures, and why the procedures are important.  All too often I see securit
y
> presented as "It is important to protect information, and if you don't you wil
l
> be fired."
> 
> I prefer to see awareness programs say things like check for access badges and
> challenge people that don't belong there, or do not give out your password for
> any reason to anyone.  This is as opposed to you are required to wear your bad
ge
> or protecting your password is important.
> 
> It is a fine line, but it makes a difference.  Awareness briefings and policie
s
> tend to say that protecting information is important, without providing
> practical examples of how to do it.Absolutely Agreed.  I feel also that the wa
y you get the point across is 
imperitive to system security.  If people feel like it will be a 
challenge they will try, plain and simple.  Procedures, are more 
threatning to a potential system intruder.

• Next message: Michel Lavondes: "Re: Sniffer Detection"
• Previous message: Steve Neruda: "Re: Sniffer Detection"
• Maybe in reply to: owner-ids@uow.edu.au: "I'm with Gene"
• Next in thread: Kare Presttun: "Re: I'm with Gene"