From culture to disobedience: Recognising the varying user acceptance of IT security |
It is often observed that addressing security can be as much about people as it is technology. One of the key aspects here is establishing the correct mindset, and ensuring that people are working for (or at least with) security rather than against it. Unfortunately, people are very often perceived as an obstacle rather than an asset in this regard. Indeed, to quote an Information Security magazine survey from a few years ago, one of the biggest hurdles for organisations to overcome in their attempts to address security is the problem of "unalert, uninterested, lax, ignorant, uncaring end users".
Furnell SM, Thomson KL