1. Today I was helping a user understand the security of their home network set up. Friend of a friend who had never worked from home. User began by walking their video feed over to the router to show me that it was 'not placed close to a window where someone could steal it.'

2. It would be easy to laugh but what struck me was how badly security had failed to inform this person in language that they understood, and, how despite security not doing it's part, the clear diligence of the user in less than ideal circumstances.

3. User took detailed notes on everything I said during the video, and by end of call both understood how to reset their router, check for WPA2 on their network and what the blinking lights on the router meant. What questions to ask an internet provider etc

4. Through the whole call the user kept apologizing for their lack of computer skills and info, and promising to do better which broke my heart to hear...our job is to provide people with information and risks in language they can hear.

5. If a user doesn't understand the why and how with regards to risk that touch them..then security hasn't done their job... nasty snarking and eye rolling won't make that problem less serious or make security look better.