Top 5 Network Security Myths
Network security has changed greatly in the last 10 years, but we still see that Sonicwall or Watchguard for a firewall, XP workstations with no Windows Firewall, and Vipre or the anti-virus of the day. The following are the most common network security myths:
- The biggest concern is stopping the bad guys coming in. Wrong. The largest risk is employees inadvertently or maliciously causing loss of productivity, leakage of proprietary and confidential information, and non-compliance with laws or regulations.
- Security must be layered with multi-vendor products. While it is true that the best security should be layered, using a bunch of incompatible manufacturer products just adds complexity and cost. Most Microsoft shops are unaware that the Microsoft Forefront suite provides better protection at less cost and complexity.
- Open culture doesn’t allow for controls. While some environments are too limiting, little or no administrative workstation access is a must and at the very least web filtering should block pornography and tasteless or offensive sites to avoid costly hostile worker suits.
- Hardware firewalls are the preferred. Maybe 15-20 years ago. Software runs on faster equipment, can scan for malware before it hits the desktop, costs less, has fewer vulnerabilities, and must be replaced less often than a 3 year Sonicwall.
- Windows firewall and User Access Control should be off. The firewall should be on for workstations and servers, along with the UAC. It’s fine to disable these functions for testing, but the encapsulation and user initiated direction stop prying and prevent malware access.