Securing IT systems is a difficult task on an average day. There is a never ending list of threats and vulnerabilities that need attention, research, and remediation. New projects and technologies require vetting and users have questions that need to be answered. Unfortunately sometimes decisions are made, either in haste or hubris that can open up an organization to a wide range of problems and security vulnerabilities.
The blog TalkTechToMe by GFI lists the 41 Dumbest Security Decisions that an organization can make.
Here are some of the decisions to avoid:
- Deploy security through obscurity
- Use dictionary words for passwords
- Using the same password everywhere
- Not salting your hashes
- Thinking the number of boxes ticked is directly related to how secure you are
Read the rest and keep this list in mind to avoid some of the common pitfalls that could harm your organization and the people it serves.