You are the weakest link in network security

By CNET News.com Staff
May 2, 2001, 12:10 p.m. PT

The single biggest cause of network security breaches is not software bugs and unknown network vulnerabilities but dumb moves by PC users, according to a survey published by computer consultant @Stake.

The security research company, which is best known for uncovering bugs in operating systems and network software, said that despite the risk of computer fraud, many corporate computer users leave passwords on paper notes, fail to change passwords from the default, and incorrectly configure hardware.

Other security no-brainers include encrypting data but leaving it on a machine in an unencrypted format or locking it with a blank password and failing to change system passwords during updates. The survey also discovered that some companies connect servers directly to the Internet, bypassing router firewalls.

The research shows that springing for the most costly security products can be a waste of money, according to Royal Hansen, practice director for @stake Europe.

"Expensive and elaborate security measures are often completely undone by a company's failure to enforce even the most simple precautions, opening up the entire corporate infrastructure to malicious attack," Hansen said.

Another survey, conducted recently by KPMG, adds weight to the suggestion that the greatest threat to company data comes from within. KPMG found that the majority of computer fraud is committed by employees trying to get inside information.

Staff writer Will Knight reported from London.

The actual article is posted at http://news.cnet.com/news/0-1003-200-5798589.html?tag=dd.ne.dht.nl-sty.0

 

Back Button

Return to the Internet Banking Audits Home Page

Company Information
Yennik, Inc.
4409 101st Street
Lubbock, Texas 79424
Office 806-798-7119
Examiner@yennik.com

Please visit our other auditing sites:
The Community Banker - Bank FFIEC & ADA Web Site Audits
Credit Union FFIEC & ADA Web Site Audits - Bank Auditing Services
Medical Records Security
US Banks on the Internet  
US Credit Unions on the Internet
Penetration-Vulnerability Testing

 All rights reserved; Our logo Yennik, Inc. is registered with the United States Patent and Trademark Office.
Terms and Conditions, Privacy Statement, Copyright Yennik, Incorporated
VISTA

We are Americans and will never be defeated.