Law #1: If a bad guy can persuade you to run his program on your computer, it’s not solely your computer anymore.
Law #2: Nobody believes anything bad can happen to them, until it does.
Law #3: If a bad guy can alter the operating system on your computer, it’s not your computer anymore.
Law #4: Security only works if the secure way also happens to be the easy way.
Law #5: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore.
Law #6: If you don’t keep up with security fixes, your network won’t be yours for long.
Law #7: If you allow a bad guy to run active content on your website, it’s not your website any more.
Law #8: It doesn’t do much good to install security fixes on a computer that was never secured to begin with.
Law #9: Weak passwords trump strong security.
Law #10: Eternal vigilance is the price of security.
Law #11: A computer is only as secure as the administrator is trustworthy.
Law #12: There really is someone out there trying to guess your passwords.
Law #13: Encrypted data is only as secure as its decryption key.
Law #14: The most secure network is a well-administered one.
Law #15: An out-of-date antimalware scanner is only marginally better than no scanner at all.
Law #16: The difficulty of defending a network is directly proportional to its complexity.
Law #17: Absolute anonymity isn’t practically achievable, online or offline.
Law #18: Security isn’t about risk avoidance; it’s about risk management.
Law #19: Technology is not a panacea.
Blog Stats
- 75,561 hits