Does the end user care about security? Do they have to?

Consequences.

Or rather experiencing the consequences… that, can inspire change.  A perfect example; most people I know that are serious and disciplined about regular system backups do it because they’ve been burned in the past.  (I’ve been very good about it ever since I paid Ontrack 1400 dollars to recover an IBM Deathstar hard drive)

How was your weekend? Mine was ok, except I spent a good part of my Sunday helping a teenage family member re-image her laptop after it was infected by some variant of the classic “pay us money to clean the virus off your computer”  (see fake Security Essentials post here: http://blogs.technet.com/mmpc/archive/2010/02/24/if-it-calls-itself-security-essentials-2010-then-it-s-possibly-fake-innit.aspx )   This is nothing that we are not all familiar with.

The fallen laptop:

Vista Home 32bit, running as Administrator, expired Norton suite.

The Ah-Ha moment for me:

She wasn’t too upset about this.  She needed a word doc for homework but could hardly take a break for texting while I was trying to find out what other important things she needed from the laptop.

I was on my normal soapbox and going down my checklist of fixes.. new image, non-privileged account, Adobe Reader with javascript disabled,  Firefox+NoScript, and ditching Norton for Kaspersky Internet Suite….     but,…. None of that really mattered much, because there wasn’t anything  that important on the laptop.

Pictures? Picasa and Facebook. Email? Gmail. Music? Already on her iPod. Docs? Maybe she will use google docs from now on.  SSH and PGP keys? (yeah right!) For her, a laptop is just a bridge to the Internet.   Who cares about what is on the laptop?  It’s just a thing that gets you to the <cringe> cloud </cringe>  Is recovering your computer from the system disc every six months just the new norm?

She will be entering the workforce and on your corporate network in 2014.

cheers,

^higB

Post a comment or leave a trackback: Trackback URL.