Exactly. We ended up having to just come up with better alternatives for that particular group and then "excitedly" showing them the better way. It worked after a couple of times. Now they actually come to us first and ask what we would recommend. Someone mentioned "social engineering", it's a big part of IT daily life if you want it to be less stressed.
It helped that 2 disgruntled employees tried to steal proprietary info when they left. Great example to management of why we need to pay attention and how well it can work when we do. One is in jail and one got 2 years probation. It's a felony in Pennsylvania to commit data or trade secret theft. Tons of stories out there about companies being damaged this way, makes great ammunition for convincing management of the need to follow good security practices. Went a long way to getting other employees to say, "I can really see why your approach is important". Of course that will wear off in time as new people come in and say, "But we could do anything we wanted at the last place I worked". :-) We may not always be able to prevent the misuse of "questionable" applications or systems, but we can pay attention and have a plan to respond quickly if something does happen. I can guarantee that if something happens and my CTO finds out from someone else, the first words out of his mouth to us will be, "How come you didn't know about this?" Best Regards, Dan Bartley -----Original Message----- From: Chris Berry [mailto:[EMAIL PROTECTED] Sent: Monday, July 07, 2003 19:50 To: [EMAIL PROTECTED] Subject: RE: Ten worst programs That sounds like a good way to go about things, however at my location upper management is the problem, they're the ones wanting to use insecure software with no restrictions or lockdown, and part of my project was to look for ammunition to fight against that tendency. I'm trying to change the mentality from "I need X software, do it or else" to "I need to do X task, can you recommend and set up something to care of this" Chris Berry [EMAIL PROTECTED] Systems Administrator JM Associates "Encrypt everything, and ask questions later." _________________________________________________________________ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail ------------------------------------------------------------------------ --- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------