THE RIGHTS, EXPECTATIONS AND RESPONSIBILITIES OF THE NETWORK USER
The user is the reason for the existence of any network. In many way they
will dictate how a network is to function by providing explanation of their need
of what they need to achieve with it. As the user's knowledge of the networked
environment grows, so to do the users demands on the network. The user can be
seen as vital to the network and an experienced user can come to expect much
from the network yet it is clear that a balance of rights and expectations
against responsibilities must exist. These rights, expectations and
responsibilities will now be examined.
RIGHTS AND EXPECTATIONS
- Freedom from undesirable events such as malicious and accidental misuse
from other users or outside entities
- No hackers
- Virus free operation
- Up to date software
- Up to date hardware
- Downtime so minimal as to have little to no impact at all
- Reliable storage of data
- Backups taken at regular intervals
- Technical support, although users who attempt to replace skill,
knowledge, effort or ability with the popular alternative of "annoy the help desk" can
also expect rather curt
responses.
In short, the user must be able to expect the network to operate efficiently,
consistently and reliably.
RESPONSIBILITIES
"Social engineering: Term used among crackers and samurai for
cracking techniques that rely on weaknesses in wetware rather than software; the
aim is to trick people into revealing passwords or other information that
compromises a target system's security. Classic scams include phoning up a mark
who has the required information and posing as a field service tech or a fellow
employee with an urgent access problem." (Jargon File)
A user of a network has a large and vital set of responsibilities that
clearly compliment and explain those of the network manager. The user must be
made aware that login and logout procedures are there not because some perverse
power trip or as an authoritarian control technique but as a method of
protecting the network and thus the data and users of the network.
There is a prescribed process that has been laid out that defines what is
acceptable use of the network and what constitutes acceptable behaviour. With
this is a set of managerial guidelines that explain what to do in certain
eventualities like forgotten passwords or access denied problems. These too are
there to protect the user from "people hacking" or social
engineering.
The user should therefore be expected:
- To understand own role in network
security
- To log off correctly
- To be sufficiently competent to be able to
use a PC
And to follow good passwords policies such as:
Although it is not always readily apparent it is vital that users be made
aware of their responsibilities while using the network as in most cases now the
greatest threat to network security is the untrained user.
See Also: Network Manager and
An introductory guide to networks