SSL VPN: Understanding, evaluating, and planning secure, web-based remote access
www.PACKTPUB.com FREE ONLINE EDITION: Read full chapters online, download free samples from the book and more...
SSL VPN Book Cover SSL VPN Book Cover SSL VPN Book Cover SSL VPN Book CoverSSL VPN Book Cover  
Book Contents Home

Introduction
1: Introduction to SSL VPN
2: SSL VPN: The Business Case
3: How SSL VPNs Work Free Chapter
4: SSL VPN Security
5: Planning for an SSL VPN
6: Educating the User
7: Legacy Data Access
8: The Future of SSL VPN Technology
Appendix A: A Review of TCP, IP and Ports
Appendix B: SSL VPN Gateways
Index

Free Chapters:
Chapter 3:
How SSL VPNs Work [PDF]
How SSL VPNs Work [HTML]

Packt Full of Offers
Buy two Packt Books, get 18% off both

Buy the book & eBook together and get 80% off the eBook
 




View the book details
on PacktPub.com
 

 

Chapter 6: Educating the User
SSL VPNs provide a mechanism to communicate securely between two points with an insecure network in between them. Yet, there is no technology on the planet that will totally protect computing operations on its own. End users need to be security-conscious if the security technology is to do its job.

Think about your own organization. Can someone call a user on the phone, profess that he or she is from the 'help desk' and ask for a username and password? In most cases, such a call will not happen, but if it was made, would anyone in your organization actually give their credentials to the caller? If they did, the entire expensive authentication infrastructure you have in place would be undermined.

A combination of solid technology and an educated end user is necessary for security. We have already covered the technology used to secure SSL VPNs; now we address end-user training.

The next section discusses formal training plans; people from organizations that already have such systems in place may want to skip to the Specific Training for SSL VPNs section later in this chapter.
    • Chapter 6: Educating the User

      •  
      • Building an Education Plan
        • Education Plan: Start the Process
          • Vision
          • High-Level Training Plan
          • The Agreement
          • The Use Case
        • Education Plan: Finalize the Plan
          • Final Training Plan
          • Include Incident Handling Policies in your Training Plan
          • The Money
          • Creating Educational Materials
          • Reusing the Use Cases
          • Executing the Test Plan
        • Education Plan: Testing and Pilots
          • Unit Tests
          • Process Tests
          • Technical Pilots
          • Production Pilot 1
          • Production Pilot 2
          • Implementation
        • Education Plan: Production
        • Specific Training for SSL VPNs
          • Training the Masses
          • Single Sign On (SSO)
          • SSL Locks and Dialog Boxes: One More Note About Phishing
          • E-Commerce Scenario
  This website is owned and maintained by Packt Publishing Ltd, 2006. All rights reserved. Terms and Conditions