Earlier this week I participated in a ZDNet Great Debate that explored the relationship between "dumb users" (i.e., someone who is not necessarily stupid but simply ignorant of how to use the software), "dumb design," and security risks. I contend that history has shown that we cannot train users to do things differently, so security concerns need to be addressed at the application development level. At the same time, IT's been saying, "we need to do a better job of educating users" because they can't come up with secure systems.
Do you think "dumb users" can be trained to not make the kinds of mistakes that lead to exploits? Take this poll to express your opinion on the subject.
J.JaNote: ZDNet is a sister site of TechRepublic.
Justin James is the Lead Architect for Conigent.