You can install the best firewalls, patch religiously, and make sure your anti-virus software is always up-to-date, but there is one online risk factor you can never control: the user. Whether they are downloading dangerous content or falling prey to phishing scams, the end user continues to be the toughest security risk to mitigate in most organizations.
With that constant struggle in mind, giving users education about what they are doing and why it is dangerous is the more effective strategy. Here are some of the more common security missteps users take and some advice [cio.com] on how to stay secure online.