JP Vossen on 2 Oct 2008 12:57:58 -0700


Re: [PLUG] eeePC partitioning suggestions


> Date: Thu, 2 Oct 2008 13:01:12 -0400
> From: Art Alexion <art.alexion@gmail.com>
> 
> On Thursday 02 October 2008 12:10:33 pm JP Vossen wrote:
>> Is there a chance you can get upper
>> management's support though?  
> 
> I almost literally rolled on the floor laughing on that one.  They are the 
> worst offenders.

Sigh.  Unfortunate, but not surprising.  You already know this, but it 
bears repeating: document the issue and your objections for when things 
go wrong.


>> What I mean is, your users are going to write it down anyway, so don't
>> fight it.  Since the ID and password are different anyway, fine.  Give
>> them a laminated card with the UID, password and encryption password on
>> it.  Per upper management policy, *require* that the card be kept in
>> their wallet or on their key chain and never, ever, stored with the
>> laptop or left in the car, or elsewhere.  
> 
> This is a really great idea.  It may not always work, but it is better than 
> any idea I have read or considered for solving this issue.

If you try it, *someone* is certainly going to knee-jerk and scream that 
you can't write passwords down, OMG, the sky is falling!!!  BS, you 
certainly can.  You just can't be stupid about it...  See: 
http://www.schneier.com/blog/archives/2005/06/write_down_your.html.  And 
see: 
http://www.google.com/search?domains=www.schneier.com&q=password+write+down&sitesearch=www.schneier.com%2Fblog 
for more info and ammo.


>> You know your users and management better than I do, so I hope this is
>> useful or at least sparks some ideas...
> 
> I really like the wallet card idea.  Instead of fear and threats, it is just 
> easy.  The people I work with respond better to easy than threats and fear.

Good thing I didn't mention the "chain the card to a cinder block so 
they *can't* keep it with the laptop" idea then.  Though admittedly that 
cuts into the portability idea a tad...  :-)  Though you might want to 
consider that for the unencrypted USB keys...

On a related note, the coolest solution sort of like this I heard was 
some hospital that used smartcards as physical ID.  Everyone had to have 
the ID with them to go anywhere, and the only way they could log in was 
to stick the card in a reader on each PC.  So no one could stay logged 
in if they weren't there.  Sadly that doesn't quite apply here, but it's 
neat.

Let us know how it works out,
JP
----------------------------|:::======|-------------------------------
JP Vossen, CISSP            |:::======|        jp{at}jpsdomain{dot}org
My Account, My Opinions     |=========|      http://www.jpsdomain.org/
----------------------------|=========|-------------------------------
"Microsoft Tax" = the additional hardware & yearly fees for the add-on
software required to protect Windows from its own poorly designed and
implemented self, while the overhead incidentally flattens Moore's Law.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug