PreSorted 8100+ Security Related Sites
| The Comments,Laws Stated Below credited to its "owner"
Security is NOT:|
- Security is NOT installing a firewall ..
- Security is NOT a Product or Service .. ( by Schneier, Bruce )
- Security is Not a Product; It's a Process .. ( by Schneier, Bruce )
- A Security Audit is NOT "running a port scan and turning things off" ..
- Security is "Can you still continue to work productively/safely, without compounding the security breach"
- Security is only as good as your "weakest link"
- Security is "risk management" of your corporate resources(computers/people), required expertise, time management, implementation costs, data backup/recovery proceedures ...
- Security is a Process, Methodology, Costs, Policies and People
- Security is "Can somebody physically walk out with your computers, disks, tapes, .. "
- Security is 24x7x365 ... constantly ongoing .. never ending
- Security is "learn all you can as fast as you can, without negatively affecting the network, productivity and budget"
Food for Thought
- 80%-90% of any/all security issues are INTERNAL ( not the outside world )
- IT staff makes majority of the "security breach" mistakes
- 90% of user's passwords are guessable and used repeatedly at multiple login
- follow them from extremely insecure public wifi, airports, coffee shops, hotels, etc
- follow the traveling salesman
- follow the traveling executive ( probably has access to confidential data )
- follow the employee working from home ( extremely insecure network )
- load your back door into their traveling laptops, usb-sticks, cdroms, etc
- lost laptops with password-less login allows anybody whom found it to login w/o password too
- follow or bribe the janitor
- If you want to simulate a disk crash right now (unplug it NOW)...
- what data did you just lose ..
- how fast can you recover your entire system from the offline backups ..
- If the hacker/cracker penetrated your firewall ...
- what else can they do to your network/data ...
- what will they see on your network and other computers ...
- If your T1/T3 died ( dead router, dead csu/dsu, dead hubs ) ...
- how much loss of productivity (lost revenue) would you suffer for being offline ...
- do you have a secondary backup internet connection ...
- There always is someone out there that can get in ... if they wanted to ...