The simplest, and therefore, often, most effective, is this: Don't trust anybody. Don't open attachments, don't run *.exe, don't believe someone over the phone that says that they need your password for testing...
Some studies have shown that the majority of security "problems" are not based on bad technical solutions but poor (or poorly followed) policies... Steve Vawter UNIX SYSTEM ADMINISTRATOR Zone Labs, Inc. 1060 Howard Street San Francisco CA 94103 ph 415-341-8323 fax 415-341-8299 cell 510-409-9184 pager 877-933-0549 -----Original Message----- From: El C0chin0 [mailto:[EMAIL PROTECTED]] Sent: Sunday, May 05, 2002 5:07 PM To: [EMAIL PROTECTED] Subject: InfoSec Education Hello; I am a member of a Professional Security Group involved with establishing a proposal to provide an outreach program to the community regarding Information Security. This is not an official survey but a serioulsy concerned request to all within this group. All comments would be appreciated. I would like to know the types of training you feel is most effective in reaching the common layman regarding Information Security. I would also like to know what type/kind of training should InfoSec Professionals go through in order to be effective? Please e-mail me any comments. Thanks to all in advance
