Policy-based security and access control


Those kinds of rules haven't yet really cropped up as a social cultural issue yet with technology. I think that's where were coming into that era were people begin to understand it the same way. There are rules, metrics, cultural norms that have been established for other things, like driving, but people also have to exercise individual responsibility because there is a limit on how much an airbag and seatbelts can do to protect a driver. I think we've reached that point with computer technology. Of course everyone is going to try to apply as much technology as they can to protect it, but if we don't reach a point where there are social norms, that is people understanding that there are certain things that are putting them at risk, the technology will never be able to provide the full benefit. That's the point we try to drive home, but were dealing with 18 to 22-year-olds who are likely to engage in risky behavior with their computers.

It's tended to concentrate the attacks. While social media has become a very effective means of communication, it's also become a prime spot for malware writers. Instead of having to figure out how to get your malware to different places and hope somebody will land on a page, we now have this one enormous target. And because part of the way it works is to let small applications be installed and passed around, it's almost an ideal vector. All that's necessary is to trick people into thinking what they're about to click on or install or download is useful to them, and they could end up with a malware payload along with it.

Previously we saw more security incidents through , junk mail, things that would show up that said 'Hey, this is your friendly IT department. Please click on this link to reset your password.' Stuff like that. Now they don't have to do that.