David Neal

When I was a much younger man I foolishly bought some magic beans. I say foolishly, because these beans led to a rather embarrassing scene after I mistook them for the plain old kidney variety and added them to a chilli I was making for a dinner party.

The beans were most flavoursome, by all accounts, but unfortunately for my guests they also sprouted a prodigious amount of stalkage as soon as they made contact with gastric juices. I was fine because I had picked out the beans in my portion for fear of them bringing on a chronic attack of flatulence.

Bad wind was the least of my guests’ problems that night, and it took a lot of soothing words, not to mention vigorous pruning, to get them in a calm enough state to leave the flat.

I haven’t bought any beans, magic or otherwise, since that night. Indeed, the episode had such a profound effect on me that I never buy anything from anyone even vaguely suspicious ­ a category that for me covers around 98 per cent of the human population, including all Arsenal fans, but that goes without saying from a Spurs supporter.

This has turned out to be a wise move. I have never been conned into anything, never bought anything that might have killed me, and consequently go about with an air of smug satisfaction that some people find quite annoying.

My risk-averse approach to life has proved so successful that I have started applying my knowledge in a consultative capacity, with a special focus on the internet.

Unsurprisingly, business is booming. According to experts interviewed by my colleague Phil Muncaster at the Infosec show last month, a new bit of evil technology finds its way onto a web site every five seconds ­ and these are mainstream web sites we are talking about, not niche, erm, hobby sites. All those innocent-looking retail stores that your mum and dad like to browse are probably more of a threat to your computer’s health than a sledgehammer-wielding psycho with a hatred for, well, computers. The trouble is that most users just don’t seem to realise this.

If statistics are anything to go by, most of your staff are the sort of people who, when confronted with a door marked “Danger. Do not enter”, chuckle to themselves, and walk right in. To try to discourage this “leap of faith” attitude to internet browsing I have come up with the idea for a day-long course designed to instil a sense of fear and paranoia into users.

The course works like this: the trainee sits at their work computer and gets on with their daily routine. Meanwhile, I surreptitiously position myself behind them. In the event that they venture onto a web site that I deem inappropriate, I emit an ear-piercing yell and follow this up with a great deal of finger pointing, head shaking and even tutting.

So far, my training techniques have proved to be rather successful, and I have found that within moments either I am punched on the nose, or the user learns to stay clear of that kind of site while at work.

In most cases users treat the internet in a much more cautious manner following a training day, and I would love to offer my services to you all. Unfortunately, however, my time is tight, and the novelty of getting belted in the face at regular intervals is beginning to wear off, so I am reluctant to take my services to a wider market.

Instead, I would advise firms to treat staff security education with the same care and consideration that they do the procurement of security solutions. Firewalls, content blockers and anti-virus tools can work wonders, but they are frankly useless if staff are not properly trained in how to get the most of out of them.

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!