Hi All, FYI... This topic has come up here a few times, so I thought that I'd send a pointer to my July eSecurityPlanet column (http://www.esecurityplanet.com/views/article.php/3377201 - free, no registration required). In the column, I take the seemingly unpopular view --at least in this group -- that we can't count on things like user awareness training to prevent users from doing things like clicking on unsafe email attachments. I also make a plug for better software security across the industry.
Cheers, Ken van Wyk -- KRvW Associates, LLC http://www.KRvW.com