Andy's Technical Notes Main Security Page

Tips to Train the end users

To get the users to logout at the end of the day
- Direct them to or send them Reasons to shut down at the end of the day at least once, possibly resending it when they seem to have forgotten
- If you still find they're still logged in system, see if you can readily get into their email (i.e. no admin tricks, just open it) and if so, send the user the following message from themselves
You have violated basic security policy!


By leaving your system turned on, logged in to network resources, 
and left active data from the server open,  you have done a few 
things
 - seriously jeopardized the integrity of your data!  by leaving it 
in an active state you leave it available for direct corruption, 
and prevent confident back of it. 
 - left a whopping big security hole in the company's network in so 
many ways. just imagine what someone could have done to your good 
name with this open email account. 
 - cost us additional money by delaying the repairs to the server 
while we make the effort to ensure the integrity of your data, next 
time we might not be so nice.

there are more little things to that list, but those are the 
biggies.  I sure hope that this is an isolated incident that will 
not happen again!!!


just talking to myself 
Jane/John Doe 

Generally this scares the problem user enough to at least behave themselves even if it doesn't increase their security sense much more than that.
 

Last updated 2003-12-18