:: Deepquest ::

What are the odds?
1 in 6 of laptop or PDA stolen
4 in 5 data files stored unencrypted
2 in 3 data files transferred unencrypted
1 in 2 limits users ability to install whatever they please, irrespective
of risks

1 in 5 suffered data or network sabotage
1 in 4 not know if computers have been illegally accessed
2 in 5 not keep log of computer security incidents
9 in 10 suffered a computer security incident during the past year
ALL enterprises have some software installed on desk tops that computer
staff not know are there, and would not approve of if they did know

Other common problems
* Systems for security, that are so complicated that no one uses them, are
as bad as having no security at all,
* Computer systems functionality depends on various configuration files …
who has access to them?
* Security needs to be documented, otherwise investigators will assume you
did not do it
* Employees bring unsecure home systems to the office, plug them into
corporate systems and guess what? now the corporate systems are
unsecure. Example, some employee at a financial institution had a lap top
from home with the wireless port wide open, plugs it into the system at
work, which is now wide open over the wireless port
* Each new technology has new security weaknesses unknown to people
installing them
* Executives consider corporate security rules do not apply to them, they
are free to break any of them
* People think the laptop breach laws do not apply to other portable
devices that can carry corporate data … they are wrong
* Data is backed up, but can it also be restored in a crisis … there
should be periodic checks that backups are getting everything they ought to