Security bad practices

April 26, 2020
 |  No Comments

Today I bring you one more an article related to security!

Well… I never get tired of emphasizing this issue because it is too important for us and we often don’t even remember it, and at other times we don’t even remember that we have to worry about security!

I often encounter bad security habits on users side, companies and especially those responsible for IT.

When it comes to security, bad habits, shortcuts and negligence can have the power to cause important and sometimes irreparable damage to a company or individual!

According to many security experts a small mistake is all that is required to have a big data breach!

Recent reports, show that more than two-thirds of the malware used in data breaches has been installed via email attachments.

Training and awareness of security aspects is essential to reduce this risk to some extent… but keep this in mind… these attackers are clever and so good at what they do that they also fool the most experienced security experts.

But systems here also have an important role to play, that is, allowing non-technical users to install and run untrusted code is like starting a self-destruct process, and that is dangerous for everyone, no matter how careful the users are.

Weak security policies are also a problem and users as well as IT professionals must ensure that they have a strong and secure password themselves, and that those responsible must also ensure that the entire organization also uses strong and secure password policies.

But, however, no one can guarantee that password policies and best practices will work for all users!

At a private level or in an organization when IT departments are unable to satisfy users’ requests for cloud storage, for example, users do something extraordinary, that is, they set up cloud storage service accounts themselves (e.g., Dropbox, GDrive, etc.). These same cloud services can be used to provide sensitive and / or confidential corporate information, and we often see IT departments turn a blind eye to the use of these services because they address a need that the organization’s IT department cannot satisfy at that moment, but that brings a serious risk to the organization!

Have you already thought how many people you don’t know that have physical access to your data? Dta that is stored somewhere in the world… in some datacenter…

Have you ever thought that information could no longer be available overnight?

Have you ever thought that this same information can be tampered with, corrupted and even encrypted data?

If you haven’t thought about it yet, start by analyzing whether the information you keep in the cloud is stored securely and that no one other than authorized people has access to it and whether it is in fact important to you and your organization.

The use of free-wifi is another problem… They use their laptop or mobile equipment to access banks, send e-mails, etc. but have you ever thought that you don’t know if there is anyone that is monitoring those communications? Do you really trust strangers !?

People, organizations and IT leaders must pay close attention to the fact that they are being attacked every minute of every day, and hackers use “smart and sophisticated robots” to do all the dirty work later on or sooner they will find vulnerabilities and attack without any mercy!

It is not enough to have the anti-virus updated on Windows or to use OS X, not even Linux is immune …

In companies, information security management systems should be implemented, which will be a step towards reducing security problems.

For individuals, it is necessary, in a first phase, to raise awareness and technological training in order to minimize many of these security concerns.

I hope this information has been helpful to you!

See you next time!