My take: These kinds of customers just don't perceive the threat as being that costly to them. You're not going to convince them. Add them to your newsletter. Keep plugging away at the newsletter. They may come around.
The alternative is that you will spend all kinds of time and effort trying to convincing them. You may have absolute proof, but the answer will still be "tough". You can't force them to take these kinds of threats seriously. -----Original Message----- From: Blaine Fleming [mailto:[EMAIL PROTECTED] Sent: Friday, January 25, 2008 3:56 PM To: NT System Admin Issues Subject: Re: Spyware keylogger capture examples <snip> > The client is confusing over-the-wire traffic sniffing, with local keylogging. > And here we see the root of this problem. But the fact that their logic is flawed is irrelevant. They are convinced that encrypted means encrypted, period. Until they see real world proof they won't believe it. I keep telling them that when someone in Africa empties out a large escrow account they will realize just how bad this stuff can be. On a related note, how do you guys deal with companies that will only react to security problems instead of being proactive? The problem isn't paying for it here, it is that they don't want to listen to employees whining about the burdens of security. Getting them to use their own login credentials a few years ago was hard enough and I still get people whining about that. --Blaine ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
