Access "Exploring Security Myths, Misconceptions that Lead to Breaches"
This article is part of the April 2008 issue of Security Readers' Choice Awards 2008
Even security-minded organizations can trip up on common misconceptions that lead to breaches and bad publicity. Having worked as a security and IT risk consultant for considerable time, I have to think a lot of companies must subscribe to the "any news is good news" philosophy. Many are taking unacceptable risks with sensitive customer data that will likely end up as front-page fodder. It's not like they don't have security strategies or aren't taking steps to meet regulatory requirements. Organizations stumble when they assume certain solutions provide greater levels of security than they actually do, or that certain processes are immune to security breaches. These assumptions lead to what I call "gotcha moments" that often result in data leaks and negative publicity. Here are some misconceptions and mistakes that can garner a company unwanted media coverage: If it's encrypted, you're safe. Encryption is a great way to protect sensitive information, and if done correctly, helps an organization meet most industry and regulatory data security requirements. ... Access >>>
Premium Content for Free.
Product review: Promisec's Spectator
Endpoint security solution by Promisec
Product review: Tufin's Tufin SecureTrack 4.1
Varonis DatAdvantage product review
Varonis DatAdvantage data governance software is evaluated on its configuration and management, effectiveness, policy control and reporting.
- Product review: Promisec's Spectator
Netgear FVS336G ProSafe Dual WAN Gigabit Firewall product review
Netgear's Netgear FVS336G ProSafe Dual WAN Gigabit Firewall combines firewall, IPsec and SSL VPN, packaged into a small-office friendly device. Information Security magazine reviews its capabilities.
Readers' Choice Awards '08: IT Security Products of the Year
Information Security magazine's annual Readers' Choice Awards honor security software, services and products of the year in several areas: antimalware, application, email and mobile security, network access control, firewalls, remote access, firewalls, SIMs, UTM, vulnerability management, wireless, IDS/IPS, and Web gateways.
Web security gateways keep Web-based malware at bay
Web Security Gateways - A new breed of integrated technology takes Web-based malware off the menu.
- Netgear FVS336G ProSafe Dual WAN Gigabit Firewall product review
Interview: Arizona CISO David VanderNaalt
The CISO for the state of Arizona helps craft an executive order that prioritizes information security in every state agency.
Companies Collecting Too Much Customer Data Increase Exposure
If the risk of losing customer or partner information outweighs its value, why collect it in the first place?
Exploring Security Myths, Misconceptions that Lead to Breaches
Perspectives: Gotcha Moments
Disclosure Laws Fail as an Incentive to Secure Data
Layer8: Data Leak Fatigue
- Interview: Arizona CISO David VanderNaalt
More Premium Content Accessible For Free
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...