Nah, I'm not advocating sloppy security practices. I am suggesting that
"zero tolerance" itself is a form of in-attention to the real problems of
maintaining a high level of computer security given that human beings are
inevitably fallible. Ejecting each person at the point where they fail,
without regard for *why* they failed, cannot guarantee that no other person
will ever fail. Zero-tolerance can motivate otherwise-innocent people to
cover up mistakes. Good security requires continual effort and a good grip
on hearts and minds, as well as on short and curlies.
Now, smelling gunpowder and sisal, I'll g, d and r :-).
Graeme.
6/20/2005, you wrote:
I have friends who have been victims of identity theft due to sloppy
security practices.
My "zero tolerance" attitude is tame in comparison with their feelings on
the matter
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
