I proceeded to ask him how he was getting it. He said that he had his mom and dad buy it off the Internet. I asked him why he didn't do it and he was like, "I have no clue what I am doing on the computer, but my parents know what they are doing so I asked them to get it. I just know how to check my bank statement and pay my bills." At this point, I thought I would take the advantage to delve deeper into finding out his computer usage. I asked him if he had a computer. He said he did but only used it for what he mentioned earlier. I then asked him what kind of security he had on his computer in which he replied, “I don’t know. I think it came with something that I could have activated when I bought it, but I didn’t.” I proceeded to make him aware of what all could happen while he was online checking his bank account and paying his bills. He actually thought that the computer was already secure and that he did not have to do anything on his end to keep is information secure. He vowed that when he left work he would go and get a security software that I had suggested and get someone to help him set it up.
This is where he slipped up. He actually thought that the technology was already working and in place. He did not realize that it fell on him to do the actual securing of his computer. There are many like him that needs to realize that they are the ones responsible for their security and not the technology that is on their computer. Yes, the technology does do its job, but only as long as the person with the technology puts it in place. My honest opinion is that a document needs to be placed in every computer box that is sold that elaborates on how to secure a computer, and the consequences of not properly securing a computer. Everyone needs to understand the first commandment of information security awareness in that it is a people and not a technical issue.
Reference:
Whitman, M. & Mattord, H. (2010). Management of Information Security. Boston,
MA: Course Technology, Cengage Learning.
No comments:
Post a Comment