Make Security a Priority with Chocolate

It’s a fundamental problem with security programs: the better they are, the less evidence there is to reinforce it with employees, which can lead them to unconsciously reduce compliance with security rules. It doesn’t have to be that way, though, says one security expert.

In the latest edition of the Network World Security Newsletter, M.E. Kabay says employees’ unconscious reduction in security is only natural. In fact, it’s a product of a process behavioral psychologists call “extinguishment.” To overcome extinguishment, Kabay says, create security programs that are imaginative and fun.

Kabay cites one example of a fun security program, where in one department of a large company, every user who had properly logged off his or her computer at night was given a chocolate the next day. The department’s logoff rate jumped to 80 percent, compared with 40 percent throughout the rest of the company.

The article also offers other tips on how to make security programs fun, including using coupons, posters and tracking systems that playfully reward or punish employees for security breaches.

To read the full article, click here: http://www.nwfusion.com/newsletters/sec/2004/0816sec1.html