Wednesday, August 08, 2007

WSJ-inspired Poll Results In

Poll results are in - no surprises for me here (you can till take the poll here).

Will you break a security policy if you know it is neither enforced nor monitored AND that there can be no repercussions whatsoever (and YOU personally don't think it is sensible)?

Yes, if I REALLY need to do something (53%)

Yes, sure! No enforcement - no compliance. (17%)

No (17%)

No, not if I created the policy (7%)

Other - leave comments (3%)
28 total votes

What it means - to me - is that security people are people too :-) This pretty much rhymes with what I said in my first WSJ post here: if users feel that they need (and CAN!) bypass security to do their work, they will ...

UPDATE: the entire WSJ "blood trail" is tagged here. Especially fun bits are here, here and here.

Dr Anton Chuvakin