Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] A Little OT: The Password Post-It



On 4/20/2012 6:46 AM, Chris O'Connell wrote:
> So Rich,  I see your point about enforcement, but how specifically have
> addressed the issues of having passwords on post-its?  I know you mentioned
> becoming friends with the users and making security something they care
> about (which I agree with), but any other suggestions?

It goes both ways.  Just as you want your users to take security 
seriously, we need to take their wants and needs seriously.

Understand the potential threats that you and your users face.  Be 
flexible.  One size fits all security policies ignore users' needs. 
They also ignore how threats grow and change.

We need to be resigned to the fact that there are users who simply won't 
care no matter what we say or do.  All we can do is isolate and contain 
what we can and be prepared for the inevitable cleanup.  And we can hope 
that the corollary loss of productivity is a convincing argument.

-- 
Rich P.



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org