Sunday, May 22, 2022

Why you shouldn’t trust your users

IS YOUR NETWORK SECURE ENOUGH TO FIGHT OFF CHOCOLATE? The short answer: probably not.

Even with all of the security-related news in recent years, Infosecurity Europe’s now famous experiment (it just completed the sixth one) shows people are still willing to divulge questions about corporate security in exchange for a chocolate bar.

Here are four things you can do to minimize the security risks from your users:

First, educate, educate, educate. There is no substitute for informed workers, and telling them once a year won’t be enough.

Second, make them sign an agreement that has some teeth. Something along the lines of, “If it is found that I have jeopardized corporate security through my stupidity I understand that I will be thrown out on my ear” (human resources may want to fine tune the wording).

Third, reduce or even remove your reliance on user names and passwords as access controls. Fingerprint readers and swipe cards in addition to or instead of account names and passwords will provide insulation against users revealing their account details to a third party.

Fourth, warn your users about strangers with candy.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada

Related Tech News

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.