Robert Hajime Lanning wrote: > Education only goes so far. You still need the policy. In fact the two > go hand in hand. There should be a policy, with the education on why > the policy exists and how to follow the policy. > > In the end, you will need something to enforce. You always end up with > chronic abusers. Having a policy will allow something to be done about it. > > Unless the business owners do not care about the business or it's > Intellectual Property, you need enforcible security. > > This is not just IT, this also goes with physical security. Must always > have badge. Must not allow people to tailgate into building. (Company > I used to work at has had a big issue with that. People walk onto > campus, tailgate in the door and walk out with notebooks. Big policy > plus education steps being taken.) >
I agree. Rather than running out with policies you must inform about the reasoning, etc. Ryan _______________________________________________ Discuss mailing list Discuss@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
