To Keep the IT system secure and simultaneously improve the information value is the primary objective of enterprises today. Therefore, information security is not only about having usernames and uncommon passwords. Data protection and privacy laws impose certain obligations on users. There are office staffs that defraud and even make careless errors. These apart, other threats to information security are hackers, viruses, phishers, worms and many others. To quote Howard Schmidt “We need to...