The problem with building foolproof systems, so the saying goes, is that the world seems to generate a better class of fool. This seems to be particularly true with systems charged with managing security. In the inseparable troika of policies, process and people, getting to grips with the first two is (almost) easy as long as …
Keep security out of the way
In the 70's I spent some time in a computer bureau which had excellent security - double locks and intercom on the entrance door, daily changes of passwords etc..
All night the back door to the car park was propped open with a brick, for the convenience of the steady stream of couriers who brought in the tapes to be processed. Those waiting to take back finished work were encouraged to use the tea room while they waited. The wall beside the tea room door contained the "Today's Password" notice, for the benefit of shiftworkers who were not present when the magic word was changed.
People will always ignore security that gets in the way of their work. In a mobile world they must be more aware of security issues themselves, but the more invisible and seamless their system security is, the better. (Though technology can't do against people who leave laptops full of bandk account details or National secrets in cabs or airport lounges).
- NASA boffin: RIDDLE of odd BULGE FOUND on MOON is SOLVED
- Pic Mars rover 2020: Oxygen generation and 6 more amazing experiments
- Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
- Boffins spot weirder quantum capers as neutrons take the high road, spin takes the low
- Plug and PREY: Hackers reprogram USB drives to silently infect PCs