Tog on security

Catching up on news that came along while I was enjoying 85 degree weather. In AskTog: Security D’ohLTs, Tog talks about how many security procedures put into place do not take real human beings into account. Therefore, the users end up doing what the need to do to get their jobs done, often compromising security. A good read for anyone who is adding security-related features to software.

Unless you take a comprehensive approach to security, both at the human level and at the system level, you are likely to not only fail to increase the user’s security, you may actually succeed in decreasing the user’s security.