Saw a link pass through Twitter to a blog post, “Why I will never pursue cheating again”. This is a quick read that hits the following points:
- catching policy
violationsviolators (the human problem) - “us against them” environment
- reflection on customer evaluations (managerial conditioning)
- rechanneling activities and interaction
Unless your job is specifically about finding corporate security policy violators, no one ever truly does it, until such violation has a tangible negative effect to the business (or *not* reporting it has consequences, like a mantrap that locks up if two people go at once). And it doesn’t take a genius to see how this makes digital security difficult, regardless whether you believe in tackling the human or technological problems in security.
What a fascinating read! I stuck this up on reddit — hopefully it gets even more traction.
Wow, quite a few votes/comments on that one! Nice!