> The only thing you can do to help your users is to provide them with proper
> education and to explain them to keep up to date and run the right tools and
> not click anywhere they can.... and that is a mission which is near 
> impossible.

I thought user education in threat management was long ago abandoned as a 
realistic defense mechanism.  Don't get me wrong, I loved my users when I was 
supporting a desktop fleet; but the key to their survival was always policy 
implementation through Active Directory; back in the day, blocking executable 
files in email prevented a lot more problems than training users not to open 
them did.

Don't get me wrong, every little bit helps.  But when you consider your 
security with a scrutinous eye, you should always ignore the question 'how 
educated are my users'.  It's irrelevant.

Reply via email to