I read a blog post that quoted a security professional saying, ‘culture is defined as the beliefs we accept without question.’ The blogger, also a security professional, went on to say that his goal is to generate a new security culture, a security culture that “everyone accepts and makes a natural part of their activities.”
That definitely got me going, so I left a comment that explained why I disagreed with that statement.
I know a lot of you are security conscious and some of you even roll your eyes at clueless users who seldom think of security. But how many of you regularly use an account on your home or work computer (or both) that have administrative or root privileges?
Most of you KNOW that using an account with privileged access on a daily basis to create documents, read email, and surf the web , etc., is a bad idea. Perhaps you think that because you’re more security conscious and more careful that it isn’t as much of risk for YOU. Continue reading