Security Solutions
2-7
Customer Needs Assessment
Types of Users
Network Skills
After you identify the groups of users who need access to the network, you
should list their typical computer skill level.
There are two reasons that the users’ level of technical expertise matters.
First, technically sophisticated users will have less trouble adapting to a more
complex access control method. They will also handle endpoint integrity
checking more easily: if their workstation is non-compliant, they will be able
to easily follow the directions for remediating the problems.
In general, such users will require less help from the IT help desk and will be
more willing to diagnose and fix configuration problems during the transition.
Because the more complex access control methods are more secure, you can
typically implement tighter security for your network. (Note that you can raise
the users’ level of expertise by educating them about the changes to the
network and thus reduce the calls to the help desk.)
Second, technically sophisticated users are more likely to try to circumvent
the security system, either out of frustration or a sense of challenge. (Imagine
students at a college of engineering with a lot of computer knowledge and
some spare time.) Thus, having more sophisticated users may require that you
implement stricter security controls for your network.
Because you may not always know users’ skill level, you may want to plan for
the lowest common denominator. That is, you may want to assume that users
have very few computer skills.
You can then factor in this skill level when selecting the access method for the
group. For example, you may want to use Web authentication (Web-Auth) as
the access method for temporary users or guests so that these users do not
have to configure many settings on their computer. Alternately, you could set
up stricter security and provide some documentation to help users log in.