Protect What's Precious


This article can also be found in the Premium Editorial Download "Information Security magazine: What's your biggest information security concern?."

Download it now to read this article plus other related content.

User Education
Many organizations are looking beyond technical fixes to tackle insider abuse. Glen Carson, information security officer for California's Victim Compensation and Govern-ment Claims Board, says the problem stems more from a lack of user education than poor authentication.

His priority is education: explaining to the 350 users in his agency why data security is important and how it will help them in the long run.

"We recently completed a third-party security assessment and got a good test of our exterior

    Requires Free Membership to View

shell, but internally our controls were lacking," he says. "Sticky notes with passwords were found on monitors and in desk areas, in scripts and unprotected source code. People just need help knowing what needs to be done and why."

Carson, who joined the board earlier this year, is building its first formal information security program from the ground up. As the entire infosecurity department, Carson says he needs all the help he can get.

"The best way I know that I can get everybody to help is through education," he says.

Educating end users--which more than 43 percent of survey respondents say will be very important for their organizations next year--is a big part of the security process at USG, a Fortune 500 building products company.

This was first published in December 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: