
Myths Surrounding ISO27001 Information Security

By Chris Eden - Quality Matters Limited


This week I am continuing the series of myths, this time looking at those surrounding Information Security (ISO27001).

  1. Information Security is for big companies.
    False. Most small companies (and individuals) are targeted at some time.
  2. My computer has virus control software so I am safe.
    False. Anti-virus software is only one area of protection.
  3. I have turned off the Microsoft Automatic Update to protect my computer.
    False. Auto-update provides security patches to help protect your computer.
  4. I always tear up sensitive paper information before putting it in the dustbin to protect myself.
    False. Tearing up paper is never as secure as shredding.
  5. Cutting a credit card in half makes it useless to a thief.
    False. Shred any credit cards you no longer need, as a thief can copy the details and your signature.
  6. Email is a secure method of communication.
    False. Unless you encrypt your email, it is visible.
  7. I can't remember complex passwords so I use my dog's name, but that is secure.
    False. A hacker will run a dictionary test to find easy passwords like this.
  8. My company insists on 8-digit passwords so I have to write them down, but this is safe.
    False. Writing down passwords is a bad idea and is full of risk.
  9. In my company we all share a generic password, but this is secure.
    False. If there is a problem with a generic password, it is almost impossible to find out who is responsible.
  10. When we get new computers we always format the old hard disks to ensure they cannot be hacked.
    False. Hard disks should be physically destroyed, otherwise data can be recovered, sometimes by simply un-formatting.

Information security is everyone's responsibility.


About the Author

Chris Eden FIBA MISSA AIQA is a director of Quality Matters Limited, an established independent management consultancy specializing in ISO27001 Information Security Management Training courses.




Article Published/Sorted/Amended on Scopulus 2007-12-03 20:51:02 in Computer Articles
