Top 10 IT Security Mistakes
According to the SANS Institute:
- Connecting systems to the Internet before hardening them
- Connecting test systems to the Internet with default
accounts or passwords
- Failing to update systems when security holes are found
- Using Telnet and other unencrpytable protocols for managing systems
- Giving users passwords or changing passwords over the phone
- Failing to maintain and test backups
- Running unnecessary services such as finger
- Implementing firewalls with inadequate rules
- Failing to implement or update virus detection software
- Failing to educate users regarding security
Source: The top 10 IT security mistakes. (2000,
June 26). eweek. p. 38.
- R. S. Kulzick - 09/23/00 -
Contact rkulzick@stu.edu with
questions or comments about this web site.
Copyright © 2000 Raymond S. Kulzick - Last modified: September 13, 2008