Re: [fw-wiz] The home user problem returns

From: Jim Seymour (jseymour_at_linxnet.com)
Date: 09/14/05

    To: firewall-wizards@honor.icsalabs.com
    Date: Tue, 13 Sep 2005 20:16:27 -0400 (EDT)
    
    

    "Marcus J. Ranum" <mjr@ranum.com> wrote:
    >
    > Mason Schmitt wrote:
    [snip]
    >
    > >User education
    > >----------------
    > >User education still needs to happen
    >
    > Pointless. If educating users was going to work, it would have worked
    > by now. If Anna Kournikova worm and phishing hadn't gotten people
    > to take this seriously years ago, they aren't going to next year, either.
    [snip]
    >

    It may be pointless in home user space, but, IME, it's most definitely
    *not* pointless in the workplace. I regard end-user education as one
    of my best defenses. And it has worked for me.

    Some things that've no doubt helped: Relatively small company--only 150
    or so desktops. Good support from management: Official dispensation to
    *immediately* remove from the network misbehaving machines. I once
    disconnected an entire R&D department. Another time I suspended a
    manager's account (for password sharing). I'm allowed Draconian email
    filtering at the mail gateways. Most of that same filtering is done on
    internal mail servers. But still: End-user education is an important
    component. I have somebody either come to me or email me about how "I
    received this, and it looked suspicious, so I didn't open it. Do you
    want to see it?" on a fairly regular basis.

    Result: We haven't had a single virus/worm/Trojan get loose on the
    network, with *one* exception, in the six years I've been working for
    my current employer. That one exception was a "day 0" kind of a thing,
    infected .zip file, sent from the outside to somebody that was
    expecting an email, with an attachment, from that person. (It didn't
    get far. As luck would have it: Soon after he opened that attachment,
    I had logged in remotely because of the advisories, detected the spoor,
    and shut down all the mail and POP servers until I got in the next
    morning.)

    Jim
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

