Aug 7, 2012

The 10 Laws of Network Security

A few months ago we had a small outbreak of malware at the office. It was a nasty little bugger that hijacked search results on Google on the infected workstations. One of the people infected was our CFO. He had me take a look at his laptop, and when I told him it was malware, he got upset. He asked how his computer could possibly be infected after we had just spent a ton of money on new firewalls with enhanced security features, and when we spend a ton of money on licensing antivirus for all the computers in the office. My answer to him was simple: nothing is bulletproof.

Nothing rings more true in network security. No matter how much time and money you throw at the problem, the minute your guard drops, the bad guys can get you. On that note, here are the Ten Immutable Laws of Network Security:

  1. If a bad guy can persuade you to run his program on your computer, it's not your computer anymore.
  2. If a bad guy can alter the operating system on your computer, it's not your computer anymore.
  3. If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
  4. If you allow a bad guy to upload programs to your website, it's not your website anymore.
  5. Weak passwords trump strong security.
  6. A computer is only as secure as the administrator is trustworthy.
  7. Encrypted data is only as secure as the decryption key.
  8. An out-of-date virus scanner is only marginally better than no virus scanner at all.
  9. Absolute anonymity isn't practical, in real life or on the Web.
  10. Technology is not a panacea (cure-all).

These are all good things to keep in mind in your day-to-day IT activities, and they are equally worth keeping in mind for the executives you report to. Just because you doled out a few thousand bucks here doesn't mean the bad guys won't get in over there.
[Via Technet]

