Charles Border, Rochester Institute of Technology
Although large organizations spend millions of dollars every year to secure the periphery of their networks through the use of firewalls, a technological solution that controls the actions of insiders has thus far proved elusive. According to Thompson and Ford (2004), “The issue is trust. Insiders must be trusted to do their jobs; applications must be trusted to perform their tasks. The problem occurs when insiders—be they users or applications—intentionally, or unintentionally, extend trust inappropriately.” Client-side security involves finding ways to control the ability of insiders to extend the trust relationship that they acquire as insiders in ways that are detrimental to the overall security of the network. Because a wholly technological solution has remained beyond the reach of developers, managers of both information technology professionals and other employees must work together to develop a solution that involves not only technology but also improving user awareness ...