Myths Surrounding ISO27001 Information Security
This week I am carrying the series of myths forward, this time with the myths surrounding
Information Security (ISO27001).
- Information Security is for big companies
False Most small companies (and individuals) are targeted at
- My computer has virus control software so I am safe.
False Anti-Virus software is only one area of protection.
- I have turned off the Microsoft Automatic Update to protect my computer.
False Auto-update provides security patches to help protect your
- I always tear up sensitive paper information before putting it in the
dustbin to protect myself.
False Tearing up paper is never as secure as shredding.
- Cutting a credit card in half makes it useless to a thief.
False Shred any non-required credit cards, as a thief can copy
the detail and your signature.
- Email is a secure method of communication.
False Unless you encrypt your email, it is visible.
- I can't remember complex passwords so I use my dog's name, but that is
False A hacker will run a dictionary test to find easy passwords
- My company insists on 8-digit passwords so I have to write them down – but
this is safe.
False Writing down passwords is a bad idea and is full of risk.
- In my company we all share a generic password but this is secure.
False If there is a problem with a generic password, it is almost
impossible to find out who is responsible.
- When we get new computers we always format the old hard disks to ensure
they cannot be hacked.
False Hard disks should be physically destroyed, otherwise data
can be recovered, sometimes by simply un-formatting.
Information security is everyone's responsibility.
About the Author
Chris Eden FIBA MISSA AIQA is a director of Quality Matters Limited, an
established independent management consultancy specializing in
ISO27001 Information Security Management Training courses.
Article Published/Sorted/Amended on Scopulus 2007-12-03 20:51:02 in Computer Articles