The most insecure part of your network is...

IT World ^ | 11 January 2010 | sjvn

[ShadowAce]

[rightwingextremist1776]

end users.....without a doubt it’s the nut behind the keyboard.....

[Gondring]

[...] your real security problem is the people sitting between their keyboards and their displays

Yes...climbing up onto the desk is a dead giveaway.

PEBCAK with this column. :-)

[Still Thinking]

your real security problem is the people sitting between their keyboards and their displays.

I agree. If I saw anyone sitting between their keyboard and monitor, I'd be pretty sure they had a problem.

[KoRn]

"The most insecure part of your network is..."

Without a doubt ....the people using it.

[Still Thinking]

Beat me by 1:45! Curses!

[Bloody Sam Roberts]

end users.....without a doubt it’s the nut behind the keyboard.....

I like to call them.....Lusers.

[posterchild]

We are the security risks we’ve been waiting for.

[rightwingextremist1776]

When they ask me what was wrong with their computer I like to tell them “OH...just another ID10T error”....

[stuartcr]

I guess the only really safe thing to do, is not have any end-users.

[TC Rider]

My nightmare day as IT Manager usually begins with “I had a spyware warning come up on my machine and I installed it and now I keep getting popups.”

[DesertSapper]

A company nearby (which employs a family member of mine as their IT manager) has hired an external data-security firm to test its network. Many of those tests are unannounced and some have shown some very serious weak points.

My kin told me that his company did well on almost all the typical areas: firewalls, physical access to datacenters, change control, OS/application patching, etc. However, they failed miserably overall because of employees.

One test that 90% of employees failed was the "free flash drive" test. The test involves dropping USB flash drives in the parking lot (or giving them away as a promotion somewhere). Software on the drive launches, does some scans, then sends PC/network data to the 'hacking' company. 9 out of 10 people picked up the drives, brought them inside the building, and plugged them into their work PCs. Ouch.

[Gondring]

I guess the only really safe thing to do, is not have any end-users.

That's extreme. The perfectly reasonable answer is that they need to be registered, plus have a waiting period and monthly limit.

[ShadowAce]

I guess the only really safe thing to do, is not have any end-users.

That's extreme. The perfectly reasonable answer is that they need to be registered, plus have a waiting period and monthly limit.

I just charge them for any help they get.

[paulycy]

I guess the only really safe thing to do, is not have any end-users.

[Future Snake Eater]

lol...

And, yes, I concur—PEBCAK constitutes about 95% of my IT issues. Every time I figure there’s NO WAY someone could be dumber than that last guy, an even dumber one shows up to prove me wrong.

[martin_fierro]

Had a negotiation recently with an attorney who sounded just like that on the phone.

Whenever he said, "I'm sorry, I can't do that..." I wanted to reach down his throat and pull out his chips.

[Future Snake Eater]

Very creative...there’s another office, a rather large one that fell for a similar scam...what was it called...? Oh yeah, the Pentagon.

[paulycy]

I wanted to reach down his throat and pull out his chips.

It was a lawyer. Maybe you should have. Who would blame you?