Sign in / up

back to article Protecting users against advanced threats and the human factor

Register here to watch our on-demand Regcast, where we look at why the human factor is an important internet security risk. Register for the webcast here and watch this special three-part Regcast at your own convenience. Handy synopsis for you As we reported in April, you build security and the users muck it up. At a time …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Graham Marsden

    "when you try to build foolproof internet security, users can manage to break it in minutes"

    "It is impossible to make a system foolproof, because fools are so ingenious" - Corollary to Murphy's Law.

    4 0
    1. Will Godfrey Silver badge
      Reply Icon
      Unhappy

      Re: "when you try to build foolproof internet security, users can manage to break it in minutes"

      It's also a waste of time - you're simply breeding a better class of fool.

      2 1
  2. Captain DaFt

    Oh For Fuck's Sake!

    "our white collar workers are managing to give 100 per cent in one area, at least: yes, in the last 12 months they have doubled their click rates on phishing emails!"

    Looks like it's time to legalize the LART for office use!

    Isn't there a BOFH PAC yet?

    0 0
    1. Charles 9
      Reply Icon

      Re: Oh For Fuck's Sake!

      Until someone starts wearing a helmet or simply doesn't react to the board.

      0 0
  3. Ole Juul

    2. Force them to wear mittens at work

    Can we have some nice red ones with the El Reg logo please?

    0 0
  4. FrogInABlender

    What are the dates/times ?

    (June 18 is past)

    0 0
  5. Pascal Monett Silver badge

    There might be an other solution to this issue

    Have an email system where sysadmins can assign user rights to clicking on links.

    For Lusers, no rights. They get mail where links are stripped from the body.

    Once a Luser has eventually proven a certain degree of intelligence (yeah, I know, but for the sake of argument, okay ?), his status can be upgraded to Under Suspicion. Links he receives are stripped and non-clickable, but he can copy/paste them manually into a browser.

    If Luser Under Suspicion manages to not completely bollox everything for six months, he gets upgraded to Luser Under Surveillance. His mails get the links clickable. If he mucks up at any point, he his slapped back down to Luser Under Suspicion and now has to wait a year - oh, who am I kidding, he'll never get upgraded again.

    Obvously, no Luser is ever above suspicion.

    A possible variant of this scenario is links are clickable, but anything under Surveillance automatically gets a 404 in return. Gosh, the Internet is so unreliable these days. . .

    1 0
    1. Charles 9
      Reply Icon

      Re: There might be an other solution to this issue

      "Obvously, no Luser is ever above suspicion."

      But what if the Luser is actually over your head? How many security plans have been ruined by someone up top?

      0 0
This topic is closed for new posts.