WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Like what you see? Get it in one document for easy printing!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Test yourself better with 300 extra Security+ questions!
Get It Here!

Google
Web CertiGuide






Table Of Contents  CertiGuide to Security+
 9  Chapter 5:  Operational/Organizational Security (Domain 5.0; 15%)
      9  5.8  Education

Previous Topic/Section
5.8.1  Communication
Previous Page
Pages in Current Topic/Section
1
Next Page
 5.8.3  Education
Next Topic/Section

5.8.2  User Awareness

“Ghosts of millions of former workers populate the databases of corporate America. The workers have moved on, but their ghosts linger, awaiting the hacker intent on using the ghost’s identity to damage the company’s network systems.” Says Brian Hook in his Tech Republic article462.

The outdated access account can either be used by a black hat or by an employee whose layoff was handled with less than excellence. From a user awareness viewpoint:

  • Educate users on the value of strong passwords that are not written down.

  • Educate users on the value in mandatory frequent changing of passwords. This will disable forgotten accounts.

  • Give personnel that are being laid off a specific amount of time to download personal data. Failure to do so only creates a hostile former worker.

Create and enforce non-disclosure policies. Non-disclosure is not the same as non-compete clauses. The former employee has a right to work, making non-compete clauses impractical. It is reasonable to expect them to not take with them sensitive supplier or customer data.


 __________________

462. http://www.techrepublic.com/article.jhtml?id=r00620020717hoo01.htm&fromtm=e106-4&_requestid=22643

Previous Topic/Section
5.8.1  Communication
Previous Page
Pages in Current Topic/Section
1
Next Page
 5.8.3  Education
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.