SlideShare a Scribd company logo

DWPIA Whitepaper - The 7 Deadly Sins of Information Security

DWP Information Architects Inc.
DWP Information Architects Inc.

Effective information security is based on more than just maintaining the proper technologies. It's also a matter of making sure that your employ-ees are fully aware of the threats that face them on a daily basis. Security vendor Trustwave has issued a list of seven key issues that most frequently lead to a loss or exposure of data.

Technology
1 of 4
Download to read offline
White Paper A White Paper from DWP Information Architects, Inc. www.dwpia.com This report is not intended to answer every question you might have about the subject at hand. This report consists of the opinions and current thoughts of the author at the time of pub- lication. This report is intended to give general advice and information with regard to its subject mat- ter. It is distributed with the understanding that the author, publisher, and DWP Infor- mation Architects are not ren- dering specific advice for any specific company or organiza- tion. DWP Information Architects would be happy to review your current systems and to offer appropriate context-specific advice. DWP Information Architects and the authors will not be lia- ble to any person or organiza- tion for any actions they take as a result of the information contained in this report. In other words, you’re responsi- ble for your own actions. Box 3876, Thousand Oaks, CA 91359 Telephone: 866-995-4488 Email: info@dwpia.com Web: www.dwpia.com The 7 Deadly Sins of Information Security Effective information security is based on more than just maintaining the proper technologies. It's also a matter of making sure that your employ- ees are fully aware of the threats that face them on a daily basis. Security vendor Trustwave has issued a list of seven key issues that most fre- quently lead to a loss or exposure of data. According to the research, based on more than 300 security breaches worldwide, an overwhelming 87 percent of businesses that had been breached had not developed specific security policies, including security awareness education programs. Coincidentally, today's organizations re- port an average of 14.4 incidents per year of unintentional data loss due to accidents, mistakes and similar issues involving employees. Maybe that should not surprise us given that only 32 percent of employees say they were trained on security policies by their companies. Without further ado, here are seven deadly security sins. Need to hack a password? Try "Password1." It has everything you need: a capital letter, a number and just enough characters to pass muster with Active Directory. And of course, nobody would think of it. Just ask all the people who use it. It's one of the passwords that hackers try first. That is, of course, assuming the password isn't lying around on a desk some- where in plain sight. In approximately 15 percent of physical security tests performed by the Trustwave at client sites last year, written pass- words were found on sticky notes and other scraps of paper in plain view. More than 70 percent of surveyed workers admit that they have peeked at other people's computer screens, either at the office, at a coffee shop, on a plane or in some other public place. And in case that wander- ing eye fails to impress you, one in three workers leaves his computer logged-on and unlocked while away from his desk. To make matters worse, 26.4 percent of malware is keylogger- or application-specific, which often requires detailed knowledge of, or physical access to, a tar- geted system. Hang on. We're going to grab a cup of coffee now. Don't A Product of Web: www.DWPia.com Email: info@DWPia.com DWP Information Architects Inc. Phone 866-995-4488
Page 2 Ph: 866-995-4488 Email info@dwpia.com look at our stuff. The survey says 60 percent of users who find ran- dom USB sticks will plug them into their comput- ers. That implies the remaining 40 percent know better. But if you slap a logo sticker onto that USB device, the percentage of people who would be tempted to use it goes up to 90 percent. So much for knowing better. Not necessarily coincidentally, about 35 percent of the users report having experi- enced a virus infection through a USB device. Nearly 70 percent of IT security pros admit that they sometimes come across phishing emails that snuck past the spam filters. And, falling for these attempts is not just for the Great Unwashed. Approximately 27 percent of IT organizations have top executives or privileged users who, though they should proba- bly know better, have fallen prety to malicious email attacks. The good news is that when users are properly trained on how to spot phishing attempts, they fall for it 42 percent less frequently than those who have not been trained. Where would we be without our smartphones? They are so handy, so compact, so easy to use and also so easy to lose that all too often we do get to find out what we would do without them. With that in mind, you might think that little four-digit passcode would not be too much of an inconvenience. But, apparent- ly it is. The survey says about 70 percent of users do not password-protect their smartphones. A lot of times, those phones are found by other people. And according to the survey, nearly 90 percent of the people who find lost phones dig through them to see what they can find. This was Trustwave's original headline for this little ditty, and we just couldn't pass it up. The number of Wi-Fi hotspots is expected to increase by 350 per- cent by 2015. Meanwhile, only 18 percent of the us- ers log on to a VPN when accessing public Wi-Fi. The rest do not. Trusting souls are they! But all too often, that trust is misplaced. And, you don't have to go to some anonymous coffee shop or log on to some hot spot that just showed up on your phone in order to get exploited. The FBI recently released an alert to travelers warning about an increase in malware that pops up on hotel Internet connec- tions, claiming to be an application update that you might otherwise take for granted. Beware. The sin that comes after hooking up with another man's Wi-Fi is, potentially, a social disease (of sorts). According to the survey, 67 percent of young workers think corporate social media poli- cies are outdated. But, that's probably not such a big deal, given that 70 percent of them admit that they routinely ignore the IT policies anyway. No word on whether they would be more likely to fol- low the policies if those policies were more up to date and Generation Y-ish. Given this collective thumb-nosing, 52 percent of enterprises have seen an increase of malware infections due to employ- ees' use of social media. We Can Help DWP Information Architects is Knowledgeable, Pro- fessional, and Experienced. We have built hundreds of security systems. Our clients have included many small businesses in Ventura County and Los Angeles. We also manage networks and backup systems for companies all across the United States. If we can help you, please contact us today: DWP Information Architects, Inc. Phone: 866-995-4488 Email: info@dwpia.com Web: www.dwpia.com
Page 3 Ph: 866-995-4488 Email info@dwpia.com About DWP Information Architects DWP Information Architects is Ventura County’s Prem- ier Microsoft Partner. We were founded in 2002 and have been providing managed care for computer systems since the day we opened our doors. We manage your entire I.T. (information technology) system so you can do . . . whatever it is you do. Because of our investment in the best people and the best consulting tools available, we can provide a level of ser- vice and support normally only available to very large companies. We make it possible for small and medium size business- es (SMB's) to have:  A real, fulltime I.T. department  Service ticketing  Project management  Limited budget  24x7 monitoring  Automated patching of computer systems  Access to absolute top-notch tech support And we do it for less than what most companies are pay- ing for "a computer guy." Company Overview DWP Information Architects is a consulting firm that specializes in managing your entire information tech- nology infrastructure. That means Internet connectivity, Windows operating systems, and Microsoft Networks. We can help you with:  General Tech Support (Desktops, Servers, Monthly maintenance)  Setting Up Microsoft Windows networks  Microsoft Exchange Server  Microsoft Server 2012  Choosing, Installing, and Managing Email Services  Backups, Fault Tolerance, Failover Systems  Getting Connected to the Internet (Choosing an ISP, Frame Relay, Other Options)  Keeping Your Network Up and On the Net  TCP/IP  Networking Domain Control  Troubleshooting  Choosing, Installing, and Creating Content for Web Services  Remote Access Solutions  Fax Services  Security and Firewalls  Domain Name Service (DNS)  Maintaining your Network  Disaster Recovery Preparation and Services  Configuring Network Hardware, such as Routers, DSU/CSUs, Hubs, Switches, etc.  . . . and More!!! DWP Information Architects, Inc. Knowledgeable — Professional — Experienced The author is Denis S. Wilson, President and Principal Consult- ant for DWP Information Archi- tects Inc. in Thousand Oaks, CA.
DWP Information Architects, Inc. Knowledgeable — Professional — Experienced Designing, building, and supporting networks for small and medium sized businesses since 2002. Call 866-995-4488

Recommended

100916 vortrag web20_icruitment
100916 vortrag web20_icruitment100916 vortrag web20_icruitment
100916 vortrag web20_icruitmentMAR Sales Strategy & Leadership Consulting GmbH
 
Informe Financiero empresa ALLPE INGENIERÍA Y MEDIO AMBIENTE con CIF B83168385
Informe Financiero empresa ALLPE INGENIERÍA Y MEDIO AMBIENTE con CIF B83168385Informe Financiero empresa ALLPE INGENIERÍA Y MEDIO AMBIENTE con CIF B83168385
Informe Financiero empresa ALLPE INGENIERÍA Y MEDIO AMBIENTE con CIF B83168385EINFORMA
 
Glosario conceptos higiene industrial 13813
Glosario conceptos higiene industrial 13813Glosario conceptos higiene industrial 13813
Glosario conceptos higiene industrial 13813darioecci
 
Reel gusoto 3D/Arte
Reel gusoto 3D/ArteReel gusoto 3D/Arte
Reel gusoto 3D/ArteGustavo Soto Miño
 
Invitation conférence suisse 2-1
Invitation conférence suisse 2-1Invitation conférence suisse 2-1
Invitation conférence suisse 2-1Paula Barbosa
 
DWP-Cybersecurity-2023.pdf
DWP-Cybersecurity-2023.pdfDWP-Cybersecurity-2023.pdf
DWP-Cybersecurity-2023.pdfDWP Information Architects Inc.
 
DWP Cybersecurity 101 for Nonprofits
DWP Cybersecurity 101 for NonprofitsDWP Cybersecurity 101 for Nonprofits
DWP Cybersecurity 101 for NonprofitsDWP Information Architects Inc.
 
SCORE Whitepaper: Disaster Impact on Small Business
SCORE Whitepaper: Disaster Impact on Small BusinessSCORE Whitepaper: Disaster Impact on Small Business
SCORE Whitepaper: Disaster Impact on Small BusinessDWP Information Architects Inc.
 

Recommended

100916 vortrag web20_icruitment
100916 vortrag web20_icruitment100916 vortrag web20_icruitment
100916 vortrag web20_icruitmentMAR Sales Strategy & Leadership Consulting GmbH
 
Informe Financiero empresa ALLPE INGENIERÍA Y MEDIO AMBIENTE con CIF B83168385
Informe Financiero empresa ALLPE INGENIERÍA Y MEDIO AMBIENTE con CIF B83168385Informe Financiero empresa ALLPE INGENIERÍA Y MEDIO AMBIENTE con CIF B83168385
Informe Financiero empresa ALLPE INGENIERÍA Y MEDIO AMBIENTE con CIF B83168385EINFORMA
 
Glosario conceptos higiene industrial 13813
Glosario conceptos higiene industrial 13813Glosario conceptos higiene industrial 13813
Glosario conceptos higiene industrial 13813darioecci
 
Reel gusoto 3D/Arte
Reel gusoto 3D/ArteReel gusoto 3D/Arte
Reel gusoto 3D/ArteGustavo Soto Miño
 
Invitation conférence suisse 2-1
Invitation conférence suisse 2-1Invitation conférence suisse 2-1
Invitation conférence suisse 2-1Paula Barbosa
 
DWP-Cybersecurity-2023.pdf
DWP-Cybersecurity-2023.pdfDWP-Cybersecurity-2023.pdf
DWP-Cybersecurity-2023.pdfDWP Information Architects Inc.
 
DWP Cybersecurity 101 for Nonprofits
DWP Cybersecurity 101 for NonprofitsDWP Cybersecurity 101 for Nonprofits
DWP Cybersecurity 101 for NonprofitsDWP Information Architects Inc.
 
SCORE Whitepaper: Disaster Impact on Small Business
SCORE Whitepaper: Disaster Impact on Small BusinessSCORE Whitepaper: Disaster Impact on Small Business
SCORE Whitepaper: Disaster Impact on Small BusinessDWP Information Architects Inc.
 
Microsoft Whitepaper: Running Your Business in the Cloud
Microsoft Whitepaper: Running Your Business in the CloudMicrosoft Whitepaper: Running Your Business in the Cloud
Microsoft Whitepaper: Running Your Business in the CloudDWP Information Architects Inc.
 
Microsoft Whitepaper: Cloud Computing Guide for Construction
Microsoft Whitepaper: Cloud Computing Guide for ConstructionMicrosoft Whitepaper: Cloud Computing Guide for Construction
Microsoft Whitepaper: Cloud Computing Guide for ConstructionDWP Information Architects Inc.
 
Microsoft Whitepaper: Disaster Preparedness Guide
Microsoft Whitepaper: Disaster Preparedness GuideMicrosoft Whitepaper: Disaster Preparedness Guide
Microsoft Whitepaper: Disaster Preparedness GuideDWP Information Architects Inc.
 
Microsoft Whitepaper: Cloud Privacy Guide
Microsoft Whitepaper: Cloud Privacy GuideMicrosoft Whitepaper: Cloud Privacy Guide
Microsoft Whitepaper: Cloud Privacy GuideDWP Information Architects Inc.
 
What is the Cloud: and how does it reduce cost by 50%
What is the Cloud: and how does it reduce cost by 50%What is the Cloud: and how does it reduce cost by 50%
What is the Cloud: and how does it reduce cost by 50%DWP Information Architects Inc.
 
Office 365: Why 98% of the Fortune 100 have adopted this tech
Office 365: Why 98% of the Fortune 100 have adopted this techOffice 365: Why 98% of the Fortune 100 have adopted this tech
Office 365: Why 98% of the Fortune 100 have adopted this techDWP Information Architects Inc.
 
Must Know Cyber Security Stats of 2016
Must Know Cyber Security Stats of 2016Must Know Cyber Security Stats of 2016
Must Know Cyber Security Stats of 2016DWP Information Architects Inc.
 
Modern Workplace: Office 2016
Modern Workplace: Office 2016 Modern Workplace: Office 2016
Modern Workplace: Office 2016DWP Information Architects Inc.
 
SEO: How to Get More People to Your Website
SEO: How to Get More People to Your WebsiteSEO: How to Get More People to Your Website
SEO: How to Get More People to Your WebsiteDWP Information Architects Inc.
 
Windows 10: Ease-of-use, multiple platforms, and security (plus fun stuff).
Windows 10: Ease-of-use, multiple platforms, and security (plus fun stuff).Windows 10: Ease-of-use, multiple platforms, and security (plus fun stuff).
Windows 10: Ease-of-use, multiple platforms, and security (plus fun stuff).DWP Information Architects Inc.
 
ModernBiz: Business Anywhere
ModernBiz: Business AnywhereModernBiz: Business Anywhere
ModernBiz: Business AnywhereDWP Information Architects Inc.
 
Small Business Technology Trends: And They Are All Cloud
Small Business Technology Trends: And They Are All CloudSmall Business Technology Trends: And They Are All Cloud
Small Business Technology Trends: And They Are All CloudDWP Information Architects Inc.
 
ModernBiz CRM
ModernBiz CRMModernBiz CRM
ModernBiz CRMDWP Information Architects Inc.
 
SEO and SEM
SEO and SEMSEO and SEM
SEO and SEMDWP Information Architects Inc.
 
Safeguard Your Business
Safeguard Your BusinessSafeguard Your Business
Safeguard Your BusinessDWP Information Architects Inc.
 
Connect With Customers: and Office 2013 Tips and Tricks
Connect With Customers: and Office 2013 Tips and TricksConnect With Customers: and Office 2013 Tips and Tricks
Connect With Customers: and Office 2013 Tips and TricksDWP Information Architects Inc.
 
Continuum / Channelnomics Webcast
Continuum / Channelnomics WebcastContinuum / Channelnomics Webcast
Continuum / Channelnomics WebcastDWP Information Architects Inc.
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 

More Related Content

More from DWP Information Architects Inc.

Microsoft Whitepaper: Running Your Business in the Cloud
Microsoft Whitepaper: Running Your Business in the CloudMicrosoft Whitepaper: Running Your Business in the Cloud
Microsoft Whitepaper: Running Your Business in the CloudDWP Information Architects Inc.
 
Microsoft Whitepaper: Cloud Computing Guide for Construction
Microsoft Whitepaper: Cloud Computing Guide for ConstructionMicrosoft Whitepaper: Cloud Computing Guide for Construction
Microsoft Whitepaper: Cloud Computing Guide for ConstructionDWP Information Architects Inc.
 
Office 365: Why 98% of the Fortune 100 have adopted this tech
Office 365: Why 98% of the Fortune 100 have adopted this techOffice 365: Why 98% of the Fortune 100 have adopted this tech
Office 365: Why 98% of the Fortune 100 have adopted this techDWP Information Architects Inc.
 
Windows 10: Ease-of-use, multiple platforms, and security (plus fun stuff).
Windows 10: Ease-of-use, multiple platforms, and security (plus fun stuff).Windows 10: Ease-of-use, multiple platforms, and security (plus fun stuff).
Windows 10: Ease-of-use, multiple platforms, and security (plus fun stuff).DWP Information Architects Inc.
 
Small Business Technology Trends: And They Are All Cloud
Small Business Technology Trends: And They Are All CloudSmall Business Technology Trends: And They Are All Cloud
Small Business Technology Trends: And They Are All CloudDWP Information Architects Inc.
 

More from DWP Information Architects Inc. (17)

Microsoft Whitepaper: Running Your Business in the Cloud
Microsoft Whitepaper: Running Your Business in the CloudMicrosoft Whitepaper: Running Your Business in the Cloud
Microsoft Whitepaper: Running Your Business in the Cloud
 
Microsoft Whitepaper: Cloud Computing Guide for Construction
Microsoft Whitepaper: Cloud Computing Guide for ConstructionMicrosoft Whitepaper: Cloud Computing Guide for Construction
Microsoft Whitepaper: Cloud Computing Guide for Construction
 
Microsoft Whitepaper: Disaster Preparedness Guide
Microsoft Whitepaper: Disaster Preparedness GuideMicrosoft Whitepaper: Disaster Preparedness Guide
Microsoft Whitepaper: Disaster Preparedness Guide
 
Microsoft Whitepaper: Cloud Privacy Guide
Microsoft Whitepaper: Cloud Privacy GuideMicrosoft Whitepaper: Cloud Privacy Guide
Microsoft Whitepaper: Cloud Privacy Guide
 
What is the Cloud: and how does it reduce cost by 50%
What is the Cloud: and how does it reduce cost by 50%What is the Cloud: and how does it reduce cost by 50%
What is the Cloud: and how does it reduce cost by 50%
 
Office 365: Why 98% of the Fortune 100 have adopted this tech
Office 365: Why 98% of the Fortune 100 have adopted this techOffice 365: Why 98% of the Fortune 100 have adopted this tech
Office 365: Why 98% of the Fortune 100 have adopted this tech
 
Must Know Cyber Security Stats of 2016
Must Know Cyber Security Stats of 2016Must Know Cyber Security Stats of 2016
Must Know Cyber Security Stats of 2016
 
Modern Workplace: Office 2016
Modern Workplace: Office 2016 Modern Workplace: Office 2016
Modern Workplace: Office 2016
 
SEO: How to Get More People to Your Website
SEO: How to Get More People to Your WebsiteSEO: How to Get More People to Your Website
SEO: How to Get More People to Your Website
 
Windows 10: Ease-of-use, multiple platforms, and security (plus fun stuff).
Windows 10: Ease-of-use, multiple platforms, and security (plus fun stuff).Windows 10: Ease-of-use, multiple platforms, and security (plus fun stuff).
Windows 10: Ease-of-use, multiple platforms, and security (plus fun stuff).
 
ModernBiz: Business Anywhere
ModernBiz: Business AnywhereModernBiz: Business Anywhere
ModernBiz: Business Anywhere
 
Small Business Technology Trends: And They Are All Cloud
Small Business Technology Trends: And They Are All CloudSmall Business Technology Trends: And They Are All Cloud
Small Business Technology Trends: And They Are All Cloud
 
ModernBiz CRM
ModernBiz CRMModernBiz CRM
ModernBiz CRM
 
SEO and SEM
SEO and SEMSEO and SEM
SEO and SEM
 
Safeguard Your Business
Safeguard Your BusinessSafeguard Your Business
Safeguard Your Business
 
Connect With Customers: and Office 2013 Tips and Tricks
Connect With Customers: and Office 2013 Tips and TricksConnect With Customers: and Office 2013 Tips and Tricks
Connect With Customers: and Office 2013 Tips and Tricks
 
Continuum / Channelnomics Webcast
Continuum / Channelnomics WebcastContinuum / Channelnomics Webcast
Continuum / Channelnomics Webcast
 

Recently uploaded

SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 

Recently uploaded (20)

SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 

DWPIA Whitepaper - The 7 Deadly Sins of Information Security

  • 1. White Paper A White Paper from DWP Information Architects, Inc. www.dwpia.com This report is not intended to answer every question you might have about the subject at hand. This report consists of the opinions and current thoughts of the author at the time of pub- lication. This report is intended to give general advice and information with regard to its subject mat- ter. It is distributed with the understanding that the author, publisher, and DWP Infor- mation Architects are not ren- dering specific advice for any specific company or organiza- tion. DWP Information Architects would be happy to review your current systems and to offer appropriate context-specific advice. DWP Information Architects and the authors will not be lia- ble to any person or organiza- tion for any actions they take as a result of the information contained in this report. In other words, you’re responsi- ble for your own actions. Box 3876, Thousand Oaks, CA 91359 Telephone: 866-995-4488 Email: info@dwpia.com Web: www.dwpia.com The 7 Deadly Sins of Information Security Effective information security is based on more than just maintaining the proper technologies. It's also a matter of making sure that your employ- ees are fully aware of the threats that face them on a daily basis. Security vendor Trustwave has issued a list of seven key issues that most fre- quently lead to a loss or exposure of data. According to the research, based on more than 300 security breaches worldwide, an overwhelming 87 percent of businesses that had been breached had not developed specific security policies, including security awareness education programs. Coincidentally, today's organizations re- port an average of 14.4 incidents per year of unintentional data loss due to accidents, mistakes and similar issues involving employees. Maybe that should not surprise us given that only 32 percent of employees say they were trained on security policies by their companies. Without further ado, here are seven deadly security sins. Need to hack a password? Try "Password1." It has everything you need: a capital letter, a number and just enough characters to pass muster with Active Directory. And of course, nobody would think of it. Just ask all the people who use it. It's one of the passwords that hackers try first. That is, of course, assuming the password isn't lying around on a desk some- where in plain sight. In approximately 15 percent of physical security tests performed by the Trustwave at client sites last year, written pass- words were found on sticky notes and other scraps of paper in plain view. More than 70 percent of surveyed workers admit that they have peeked at other people's computer screens, either at the office, at a coffee shop, on a plane or in some other public place. And in case that wander- ing eye fails to impress you, one in three workers leaves his computer logged-on and unlocked while away from his desk. To make matters worse, 26.4 percent of malware is keylogger- or application-specific, which often requires detailed knowledge of, or physical access to, a tar- geted system. Hang on. We're going to grab a cup of coffee now. Don't A Product of Web: www.DWPia.com Email: info@DWPia.com DWP Information Architects Inc. Phone 866-995-4488
  • 2. Page 2 Ph: 866-995-4488 Email info@dwpia.com look at our stuff. The survey says 60 percent of users who find ran- dom USB sticks will plug them into their comput- ers. That implies the remaining 40 percent know better. But if you slap a logo sticker onto that USB device, the percentage of people who would be tempted to use it goes up to 90 percent. So much for knowing better. Not necessarily coincidentally, about 35 percent of the users report having experi- enced a virus infection through a USB device. Nearly 70 percent of IT security pros admit that they sometimes come across phishing emails that snuck past the spam filters. And, falling for these attempts is not just for the Great Unwashed. Approximately 27 percent of IT organizations have top executives or privileged users who, though they should proba- bly know better, have fallen prety to malicious email attacks. The good news is that when users are properly trained on how to spot phishing attempts, they fall for it 42 percent less frequently than those who have not been trained. Where would we be without our smartphones? They are so handy, so compact, so easy to use and also so easy to lose that all too often we do get to find out what we would do without them. With that in mind, you might think that little four-digit passcode would not be too much of an inconvenience. But, apparent- ly it is. The survey says about 70 percent of users do not password-protect their smartphones. A lot of times, those phones are found by other people. And according to the survey, nearly 90 percent of the people who find lost phones dig through them to see what they can find. This was Trustwave's original headline for this little ditty, and we just couldn't pass it up. The number of Wi-Fi hotspots is expected to increase by 350 per- cent by 2015. Meanwhile, only 18 percent of the us- ers log on to a VPN when accessing public Wi-Fi. The rest do not. Trusting souls are they! But all too often, that trust is misplaced. And, you don't have to go to some anonymous coffee shop or log on to some hot spot that just showed up on your phone in order to get exploited. The FBI recently released an alert to travelers warning about an increase in malware that pops up on hotel Internet connec- tions, claiming to be an application update that you might otherwise take for granted. Beware. The sin that comes after hooking up with another man's Wi-Fi is, potentially, a social disease (of sorts). According to the survey, 67 percent of young workers think corporate social media poli- cies are outdated. But, that's probably not such a big deal, given that 70 percent of them admit that they routinely ignore the IT policies anyway. No word on whether they would be more likely to fol- low the policies if those policies were more up to date and Generation Y-ish. Given this collective thumb-nosing, 52 percent of enterprises have seen an increase of malware infections due to employ- ees' use of social media. We Can Help DWP Information Architects is Knowledgeable, Pro- fessional, and Experienced. We have built hundreds of security systems. Our clients have included many small businesses in Ventura County and Los Angeles. We also manage networks and backup systems for companies all across the United States. If we can help you, please contact us today: DWP Information Architects, Inc. Phone: 866-995-4488 Email: info@dwpia.com Web: www.dwpia.com
  • 3. Page 3 Ph: 866-995-4488 Email info@dwpia.com About DWP Information Architects DWP Information Architects is Ventura County’s Prem- ier Microsoft Partner. We were founded in 2002 and have been providing managed care for computer systems since the day we opened our doors. We manage your entire I.T. (information technology) system so you can do . . . whatever it is you do. Because of our investment in the best people and the best consulting tools available, we can provide a level of ser- vice and support normally only available to very large companies. We make it possible for small and medium size business- es (SMB's) to have:  A real, fulltime I.T. department  Service ticketing  Project management  Limited budget  24x7 monitoring  Automated patching of computer systems  Access to absolute top-notch tech support And we do it for less than what most companies are pay- ing for "a computer guy." Company Overview DWP Information Architects is a consulting firm that specializes in managing your entire information tech- nology infrastructure. That means Internet connectivity, Windows operating systems, and Microsoft Networks. We can help you with:  General Tech Support (Desktops, Servers, Monthly maintenance)  Setting Up Microsoft Windows networks  Microsoft Exchange Server  Microsoft Server 2012  Choosing, Installing, and Managing Email Services  Backups, Fault Tolerance, Failover Systems  Getting Connected to the Internet (Choosing an ISP, Frame Relay, Other Options)  Keeping Your Network Up and On the Net  TCP/IP  Networking Domain Control  Troubleshooting  Choosing, Installing, and Creating Content for Web Services  Remote Access Solutions  Fax Services  Security and Firewalls  Domain Name Service (DNS)  Maintaining your Network  Disaster Recovery Preparation and Services  Configuring Network Hardware, such as Routers, DSU/CSUs, Hubs, Switches, etc.  . . . and More!!! DWP Information Architects, Inc. Knowledgeable — Professional — Experienced The author is Denis S. Wilson, President and Principal Consult- ant for DWP Information Archi- tects Inc. in Thousand Oaks, CA.
  • 4. DWP Information Architects, Inc. Knowledgeable — Professional — Experienced Designing, building, and supporting networks for small and medium sized businesses since 2002. Call 866-995-4488