It was reported this week that user error accounted for the vast majority of UK security breach incidents.
The CERT Insider Threat Center also recently determined that most security incidents initiated through phishing and other social engineering are carried out by acquiring and misusing user credentials to secure systems.
The challenge is that users are indeed human. They are flawed, they are careless and often exploited. Users (computing) are in fact defined as
“Those that generally use a system or a software product without the technical expertise required to fully understand it’.
Of course, we all know that rather than blaming users for security breaches, an organization should be looking to ensure that even when network credentials are compromised, access to the network from seamlessly valid credentials is stopped. The control over an authenticated users’ ability to log on through contextual access restrictions with UserLock, can harden your defense against attacks from such compromised credentials.
We also know that better education must be part of the solution. If a user is given the tools to truly understand why they are being asked to work and behave in a certain way, that sense of frustration and inadequacy they may have felt previously could well be alleviated,
But with this in mind, what are the things as a tech admin/IT master you never want to hear a user say? That was the question posed last week on Spiceworks. Here are our favorite replies from the Spiceworks community.
#6: “So I installed….”
Image credit (Bidness Etc)
#5: “Here, use my account”
#4: ” I used to be an administrator in the late 70s…
Photo Credit (TeamJimmyJoe)
#3: “What would happen if I hypothetically did it?”
Photo Credit (MemeCrunch)
#2: “We want all students to use the same password because they forget it all the time”
#1: “Oops I did it again…..”
Photo Credit (Quickmeme)
Thank you Spiceworks Community!