One of the problems with security, especially as it pertains to computers and computer networks, is that it is often not done well. If the rules are too loose, they become trivial to ignore, and so then the security procedures are annoying and ineffective; set the rules too tight and they constrain the users to the point where the user can’t really use the computer or network in question. (This second situation is perhaps more annoying than the first…) Done well, security should be such that it is hardly noticed, at least it my humble opinion.
I ran into the second situation (too tight of rules) the other day trying to log on to the campus security network. To allow you access to the network, you have to run a little Java app that confirms two things 1) that Windows is up-to-date, and 2) that you have an active anti-virus program that’s up-to-date (definitions no more than 10 days old). So that was all fine and dandy until last week when I updated my AVG to the latest version, the newly-released Version 9. The next day, the network would not allow me to log on — it said that my antivirus wasn’t up to date. After struggling for a bit, I decided to call up the network administrator. It turns out that the Java app has yet to be updated and probably won’t for updated for two weeks! So the irony is that I can’t log on the network because my computer is TOO up-to-date! So much for useful network security…
Comments
Yup. That is annoying. I hate it when that happens.