You cannot – and should never – rely on your users for complete security…yet they’re often the first or last line of defense – sometimes both.
I wrote about this a while back but it’s a problem that’s still rampant in IT so I had to bring it up again. It’s probably my biggest pet peeves with security. Simply telling users that they need to select strong passwords on their computer systems and leaving it up to them to do the right thing is delusional.
I do believe that most people want to do the right thing…that said, people are going to take the path of least resistance if they’re presented with it. Set them up for success instead and take that power away when you can.
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”