21 Best Ways to Lose Your Data
Are you at risk of losing your data? Information security is critical to your business. Have you ever wondered what the best ways are to get hacked, be adversely affected by disasters, or otherwise lose information stored on your computer systems? Here, in no particular order, are the 21 best ways to not secure your systems; 1. Don't pay attention to or even bother to understand what you're trying to protect 2. Leave your databases, especially those containing credit card or other confidential information, unencrypted. And be sure to store them on publicly accessible servers 3. Don't patch your software or update your virus signatures, and never, ever run vulnerability assessments to detect newly discovered software flaws and system miss configurations. It's just too time-consuming 4. When an employee quits or is let go, leave their network login and e-mail accounts enabled. You never know when he might want to check in on things 5. Don't create any security policies that document how you're safeguarding your information to protect your organisation and clients from information disasters and legal liabilities 6. If you do happen to have a security policy, never refer to it, enforce it, update it or do what it says – it looks just fine on the shelf gathering dust 7. Completely outsource your information security initiatives. There's no need for anyone inside your organisation to worry about such matters 8. By all means, don't take an inventory of your information systems or document your network – who needs to know anyway? 9. Apply the principle of greatest privilege. Give all users the greatest amount of access to your information systems. Everyone should have access to everything – equality is the name of the game, right? 10. Rely solely on technology. Firewalls, encryption and antivirus software are all you need to protect your information 11. Run your business without disaster recovery and business continuity plans. After all, you can think clearly and make critical decisions under pressure, right? 12. Don't monitor your systems. They'll be fine running by themselves, and if anything major happens with the integrity or availability of your information, you'll be notified automatically, won't you? 13. Don't back up your data, but if you must, don't test your backups. Also, leave your backup media on-site -- preferably sitting on top of an uninterruptible power supply – it’s warm and dry there 14. Leave your operating systems and software applications with the default settings. System hardening is for the birds
15. Respond to hacker attacks, viruses and other intrusions as they happen -- don't be proactive in dealing with them 16. Use passwords that consist of your pet's name, your name, your mother's maiden name, or your birthday. That way, you won't forget them. Better yet, just use "password" for your passwords. Also, don't forget to write them down and post them on your monitor or under your keyboard 17. Don't subscribe to security bulletins and mailing lists, and don't ever read information security trade magazines 18. Leave your servers and network equipment in a room to which everyone, including outsiders off the street, has access – everyone is impressed by flashing lights, especially the red ones 19. Don't train your users on your security policies and what to look out for, such as unsolicited e-mail attachments and common hacker activities. Your users can't be burdened with more training 20. Ignore all known best practices and international information security standards from the International Standards Organization, Internet Engineering Task Force, SANS Institute and your local information security consultant, to name a few – they just use these scare tactics to make money 21. Don't, under any circumstances, get upper management involved in information security initiatives. They're business-focused and shouldn't be bothered or even care about technology or the liabilities associated with their information, right? If you follow these practices, you'll ensure that your computer systems will be a safe haven for hackers, viruses, disgruntled employees and the like. You'll be able to go to work every day with a feeling of excitement knowing that there's a good chance your company's data will be gone when you get there. It's only a matter of time, and yes, it's really this easy. Of course Not-a-Geek do not recommend you follow any of these steps, but you will be surprised how many businesses do make some or all of the above mistakes. Small to Medium sized Businesses don’t generally have the time or the technical background to redress them, that’s why Not-a-Geek offer competitively priced managed services to take the burden off your shoulders. Contact us today for a free1 SWOT consultation of your technology.