North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: OT: Re: User negligence?
On Sun, 27 Jul 2003, Len Rose wrote: > Not calling it a breach of security is simply.. ridiculous. It is a > most flagrant breach of security if they can't even secure their own > internal networks and systems. Host level security should be the > easiest thing to accomplish given competent systems staff. It a breach of security of the *USER'S* computer, not the *BANK'S* computers. How many people do you know have a full-time systems staff mainaining their home PCs? If they are lucky, they might have a clever teenager in the house which helps their parents set the clock on the VCR and unpack the PC they bought at Best Buy. If they aren't lucky, it was probably the same clever teenager that downloaded the trojaned software on the parent's PC. Is the Bank or ISP supposed to send suppport staff to each customer's house to maintain host level security on customer's home PCs? The bank didn't sell the customer the computer or the Microsoft software, didn't install software on the home PC, and doesn't maintain the home PC. Outlook, the exploding Pinto on the information superhighway.