|
|
|
|
|
|
by marvion
1991 days ago
|
|
|
I've seen "just WIN+L" on Twitter a lot... Relying on humans locking their PC in event of a terrorist attack isn't a IT-Security concept. Security consists of a threat model and many layers of security measures. Many many outer layers have failed here. I wouldn't blame an individual nor a department here. It's one of those events that probably wasn't in the scope. Additionally, roles/security clearance levels etc. still work regardless of the account beeing open to anyone. Things like Smartcards, Yubikeys, auto-lockscreen could have failed the same way. Maybe a GPO failed, or a windows update broke the auto-lock.... that's why all these many layers exist. |
|
|