The problem with building foolproof systems, so the saying goes, is that the world seems to generate a better class of fool. This seems to be particularly true with systems charged with managing security. In the inseparable troika of policies, process and people, getting to grips with the first two is (almost) easy as long as …
Keep security out of the way
In the 70's I spent some time in a computer bureau which had excellent security - double locks and intercom on the entrance door, daily changes of passwords etc..
All night the back door to the car park was propped open with a brick, for the convenience of the steady stream of couriers who brought in the tapes to be processed. Those waiting to take back finished work were encouraged to use the tea room while they waited. The wall beside the tea room door contained the "Today's Password" notice, for the benefit of shiftworkers who were not present when the magic word was changed.
People will always ignore security that gets in the way of their work. In a mobile world they must be more aware of security issues themselves, but the more invisible and seamless their system security is, the better. (Though technology can't do against people who leave laptops full of bandk account details or National secrets in cabs or airport lounges).
- On the matter of shooting down Amazon delivery drones with shotguns
- Review Bring Your Own Disks: The Synology DS214 network storage box
- OHM MY GOD! Move over graphene, here comes '100% PERFECT' stanene
- IT MELTDOWN ruins Cyber Monday for RBS, Natwest customers
- Google's new cloud CRUSHES Amazon in RAM battle