Saw a link pass through Twitter to a blog post, “Why I will never pursue cheating again”. This is a quick read that hits the following points:
- catching policy
violationsviolators (the human problem)
- “us against them” environment
- reflection on customer evaluations (managerial conditioning)
- rechanneling activities and interaction
Unless your job is specifically about finding corporate security policy violators, no one ever truly does it, until such violation has a tangible negative effect to the business (or *not* reporting it has consequences, like a mantrap that locks up if two people go at once). And it doesn’t take a genius to see how this makes digital security difficult, regardless whether you believe in tackling the human or technological problems in security.