The problem with building foolproof systems, so the saying goes, is that the world seems to generate a better class of fool. This seems to be particularly true with systems charged with managing security. In the inseparable troika of policies, process and people, getting to grips with the first two is (almost) easy as long as …
Keep security out of the way
In the 70's I spent some time in a computer bureau which had excellent security - double locks and intercom on the entrance door, daily changes of passwords etc..
All night the back door to the car park was propped open with a brick, for the convenience of the steady stream of couriers who brought in the tapes to be processed. Those waiting to take back finished work were encouraged to use the tea room while they waited. The wall beside the tea room door contained the "Today's Password" notice, for the benefit of shiftworkers who were not present when the magic word was changed.
People will always ignore security that gets in the way of their work. In a mobile world they must be more aware of security issues themselves, but the more invisible and seamless their system security is, the better. (Though technology can't do against people who leave laptops full of bandk account details or National secrets in cabs or airport lounges).
- Analysis iPhone 6: The final straw for Android makers eaten alive by the data parasite?
- First Crack Bloke buys iPHONE 6 and DROPS IT to SMASH on PURPOSE
- First Fondle Register journo battles Sydney iPHONE queue, FONDLES BIG 'UN
- Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
- TOR users become FBI's No.1 hacking target after legal power grab