One caveat to what you're talking about. I did IT in the US Army, and we had the same privileges you're talking about.
The military used and probably still does, PKI digital certificates to verify user identity when sending each email. Without that certificate, you weren't supposed to trust the source.
Your ID Card held the certificates, and if the ID Card wasn't slotted into the PC at the time of writing an e-mail, it wouldn't be digitally signed.
All true, and still how it's done, but that doesn't mean the typical user actually understands how that works and looks for the digital signature. We've all had the click-through "training" and signed the page-13s so we can be taken to mast over it, but that's all just legal CYA.
In reality, we typically put more effort into figuring out how to get AROUND the security ourselves because it makes the actual job more inconvenient. I've personally had to "counsel" people for giving out their CAC PIN just so they don't have to take the time to log off and let someone else log in to do something. It happens all the time.
It's also vitally important to remember that the Ft. Hood shooter had a clearance. It only takes ONE person without integrity to undermine the system. Or as my father used to say, "Locks are for honest people".
One caveat to what you're talking about. I did IT in the US Army, and we had the same privileges you're talking about.
The military used and probably still does, PKI digital certificates to verify user identity when sending each email. Without that certificate, you weren't supposed to trust the source.
Your ID Card held the certificates, and if the ID Card wasn't slotted into the PC at the time of writing an e-mail, it wouldn't be digitally signed.
All true, and still how it's done, but that doesn't mean the typical user actually understands how that works and looks for the digital signature. We've all had the click-through "training" and signed the page-13s so we can be taken to mast over it, but that's all just legal CYA.
In reality, we typically put more effort into figuring out how to get AROUND the security ourselves because it makes the actual job more inconvenient. I've personally had to "counsel" people for giving out their CAC PIN just so they don't have to take the time to log off and let someone else log in to do something. It happens all the time.
It's also vitally important to remember that the Ft. Hood shooter had a clearance. It only takes ONE person without integrity to undermine the system. Or as my father used to say, "Locks are for honest people".