[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <e92364c305060914013b23ca3c@mail.gmail.com>
Date: Thu Jun 9 22:01:23 2005
From: jftucker at gmail.com (James Tucker)
Subject: Off topic rant to my friends
Quite right too, and IMO it is not completely off topic. I might point
out that (certainly on windows platforms) teaching users the F1 key is
also a damn good start, as the modern documentation is now quite
mature.
On 6/5/05, Randall M <randallm@...mail.com> wrote:
> Sorry to rant to this list. This list though has the only people on it who
> totally understand this ranting.
>
> Every morning before heading for work I read all my security alert emails
> and website collections about possible Trojans, worms and viruses found.
> Being a faithful worker I do this on the Weekends too.
>
> Once at work I check my web appliances, gateway, Exchange boxes and data
> servers for dat updates and check log files. I spend the first two-three
> hours of my work day doing this every day.
>
> Why do I do this? I do it to protect my company's investment. To ensure that
> the employee's have a job that day. To make sure that customers will have on
> time delivery and so new customers can make orders, etc., etc.
>
> Today I read this article:
> http://www.eweek.com/article2/0,1759,1823633,00.asp?kc=EWRSS03129TX1K0000614
>
> For some reason, maybe the coffee, I sat there thinking what the hell am I
> doing all this for? Am I being paid by my company to set up and protect only
> for some future use as a botnet for some organized crime boss!!
>
> I continually spend time, money and research on ways to protect. All of my
> mechanisms I use are actually as helpless as I am!! It's the blind leading
> the blind!!
>
> Then, like a message from God, a memory of a phone call from one of our
> users came to me:
>
> "Hey, I received this email about my account being suspended for security
> reasons, I immediately deleted it but just wanted to let you know".
>
> My small employee awareness program was slowly paying off. A year ago that
> same phone call would have been the "I think I did something bad" type. I
> now realize that my investments and my time have been spent MORE in the
> wrong place. I'm turning that around and heading back to the user. They are
> MY PROACTIVE, PREEMPTIVE protection!! I am no longer depending on the
> Anti-Virus dats or the front-end Appliances or the Gateways because a simple
> "Click" by the user makes them all useless. And it looks as though I can't
> depend on them to keep that "click" opportunity from the user.
>
> Praise be to God for the User! They are powerful! They are trainable! They
> are my BEST defense!
>
> There. I fell better now.
>
>
> thank you
> Randall M
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Powered by blists - more mailing lists