The problem with building foolproof systems, so the saying goes, is that the world seems to generate a better class of fool. This seems to be particularly true with systems charged with managing security. In the inseparable troika of policies, process and people, getting to grips with the first two is (almost) easy as long as …
Keep security out of the way
In the 70's I spent some time in a computer bureau which had excellent security - double locks and intercom on the entrance door, daily changes of passwords etc..
All night the back door to the car park was propped open with a brick, for the convenience of the steady stream of couriers who brought in the tapes to be processed. Those waiting to take back finished work were encouraged to use the tea room while they waited. The wall beside the tea room door contained the "Today's Password" notice, for the benefit of shiftworkers who were not present when the magic word was changed.
People will always ignore security that gets in the way of their work. In a mobile world they must be more aware of security issues themselves, but the more invisible and seamless their system security is, the better. (Though technology can't do against people who leave laptops full of bandk account details or National secrets in cabs or airport lounges).
- +Comment Trips to Mars may be OFF: The SUN has changed in a way we've NEVER SEEN
- OnePlus One cut-price Android phone on sale to all... for 1 HOUR
- MARS NEEDS WOMEN, claims NASA pseudo 'naut: They eat less
- UNIX greybeards threaten Debian fork over systemd plan
- Back to the ... drawing board: 'Hoverboard' will disappoint Marty McFly wannabes