Worst security mistakes made by...

End-user training is often the one area of a good security policy that is given the least amount of attention. When end users are not properly trained on how to use and maintain security, breaches will result.

Here is a list of some of the security mistakes that end users make, especially when they are not properly trained:

But, before you begin pointing the blame finger at your end users, IT professionals are not without their own faults, oversights and outright mistakes. Here are some of the top security mistakes made by IT people who should know better:

• Placing a system online (LAN or Internet) before hardening a
  
  To continue reading for free, register below or login

  Requires Membership to View

  To gain access to this and all member only content, please provide the following information (all fields required):

  Email Address:
  Create Password:
  Confirm Password:
  
  
  
  
  

  By joining SearchEnterpriseDesktop.com you agree to receive email updates from the TechTarget network of sites, including updates on new content, magazine or event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile or unsubscribing via email.
  
  TechTarget cares about your privacy. Read our Privacy Policy
  To read more you must become a member of SearchEnterpriseDesktop.com

  As an existing member of the TechTarget network please provide your password to activate your account (Forgot your password?):

  Password:
  
  

  By joining SearchEnterpriseDesktop.com you agree to receive email updates from the TechTarget network of sites, including updates on new content, magazine or event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile or unsubscribing via email.
  
  TechTarget cares about your privacy. Read our Privacy Policy
  
  
  

  Digg This!     StumbleUpon     Del.icio.us

  
  
  

  RELATED CONTENT Windows XP security issues, updates and alerts How Windows 7 stands up to security tests The state of enterprise security and emerging threats in 2009 A first look at Windows 7 security enhancements How to strike a balance between Windows security and business needs How to recognize and repair Blue Screen of Death stop error messages Ten ways to sell security to management Improve Windows security with our top 10 tips Strategies for troubleshooting Windows XP errors Managing single sign-on security burdens in Windows A Windows security checklist for IT managers Securing Windows legacy operating systems Run legacy applications with Windows Vista security How to Bypass BIOS Passwords Security concerns of unattended, automatic installations How 'limited' malcode pulled off the year's biggest attack Taking over the domain How to get an attacker out of your network Checklists: Harden access control settings Freeware tool for password tracking and storage Manual vs. automated patch tracking Protect desktop files and folders from inside snoops

  RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary drive-by download  (SearchEnterpriseDesktop.com)

  RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

  
  
  nd testing it

• Not installing necessary and recommended security patches and OS upgrades
• Using insecure remote management tools, such as telnet, on servers, routers, firewalls, etc.
• Giving out passwords or changing passwords over the phone
• Performing an administrative-level operation based on a request from someone without properly verifying their identity or authority
• Not making backups of the LAN data or not verifying and testing such backups when made
• Running unnecessary and insecure protocols and services
• Deploying firewalls, proxies, etc. with default settings
• Not installing and maintaining antivirus software
  
  

  Rate this Tip To rate tips, you must be a member of SearchEnterpriseDesktop.com. Register now to start rating these tips. Log in if you are already a member. DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.