|
Major security myths of 2009 |
|
|
|
Source: Tech Republic - Posted by Anthony Pell
|
2009 is just like any year in at least one way; too many people buy into too many security myths far too easily. To help prepare readers for the future, I’ll share my thoughts on ten major security myths I have encountered in 2009. Each of these is chosen for its prevalence, its perniciousness, or its publicity this year. They may even have been chosen for other reasons that begin with P.
#1 Myth: Doing something right means you’re doing nothing wrong.
Don’t congratulate yourself too much for doing something right. You should try to avoid straining your shoulder patting yourself on the back every time you do something right with security. Securing your systems is never really finished, because (as I said in “When it comes to security, what does it mean to be good enough?“), security is not an absolute end result of following good practices, because there’s always more that can be done to improve security. This is true even if, sometimes, “doing more” is a matter of researching whether or not something else needs to be done, and double checking to make sure there was not a better way to do what you have already done after all. Measure your successes to see how well they work in practice, consider what more you can do to ensure further success, and never rest on your laurels when it comes to security. In “Perfect vs. Good Enough,” I said that security is “more a process than a goal, and more a journey than a destination; it is more a practice than a product.” It is a point worth remembering.
Read this full article at Tech Republic
Only registered users can write comments.
Please login or register. Powered by AkoComment! |
