Stupid security mistakes: Things you missed while doing the hard stuff

While you were upgrading your servers with the latest intrusion detection, did someone just walk in and steal them?

1 2 3 4 Page 2
Page 2 of 4
rsa_conference_600x450.jpgSource: ixfd64/Flickr
How many of these people are in this RSA conference legitimately?

The one thing that makes stealing stuff tricky is that it requires real physical access to that stuff. But getting physical access to things is easier than you'd think. One security researcher demonstrated fairly easily that it's pretty easy to get access to restricted areas via attitude (e.g., imperiously waving a badge at security guards, even if it's not a badge that allows you access to wherever it is you're going) and a moderate amount of stealth (e.g., slipping in through exit doors). Oh, did we mention that these techniques worked at an RSA Security conference? Probably it's even easier in your building.

sydney_train.jpgSource: Wykymania/Wikipedia
Lots of Australians just left their valuable data behind on trains like this

But when your tech goes missing, don't forget the old adage that you should never blame on malice what can be attributed to good old-fashioned incompetence. For instance, maybe those computers weren't stolen by dastardly cat burglars bent on sabotage; maybe someone who was in charge of them just lost them. This didn't happen so much when everybody had a large desktop computer that was hard to lug around, but the convenience of laptops and smartphones makes them also convenient to lose. One survey of small businesses found that 35% had an employee who lost a device with business data on it. And if a survey of USB sticks found on Sydney commuter trains is any indication, almost none of those devices were encrypted in any way.

1 2 3 4 Page 2
Page 2 of 4
Shop Tech Products at Amazon