S E C U R I T Y

 

Pitfalls and opportunities

for business owners and executives.

 

In its overview of "Critical Internet Security Threats," the SANS Institute compiled several lists of threats and mistakes pertaining to systems and networks.  One list addressed business management issues.  The 7 mistakes are useful pivot points for an examination of security as it relates to Local Area Networks in small businesses.

 

 

The 7 Worst Security Mistakes

Senior Executives Make...

 

 

 

1.  Assigning untrained people to maintain security and providing neither the training nor the time to make it possible to learn and do the job.

 

 

2.  Failing to understand the relationship of information security to the business problem -- they understand physical security but do not see the consequences of poor information security.

 

 

3.  Failing to deal with the operational aspects of security:  making a few fixes and then not allowing the follow through necessary to ensure that problems stay fixed.

 

 

4.  Relying primarily on a firewall.

 

 

5.  Failing to realize how much money their information and organizational reputations are worth.

 

 

6.  Authorizing reactive, short-term fixes so problems re-emerge rapidly.

 

 

7.  Pretending the problem will go away if they ignore it.

 

 

Source:  wall poster, "SANS ROADMAP TO SECURITY TOOLS AND SERVICES,"
distributed by the SANS Institute, a cooperative education and research organization.

http://www.sans.org/                              

 

--------------------------------------------------------------------------

Security. 7 Mistakes Discussion

Page launched:
July 22, 2000
Most recent revision:
July 22, 2000
Developmental Level: Partial Draft