Thursday, June 09, 2011

Ten Immutable Laws Of Security (Version 2.0)

Having a secure computer is not only about the operating system. As the Microsoft Security Response Center (MSRC) has seen, there are some things that neither Microsoft nor any other software vendor can fix. Although these are real security problems, they do not result from product flaws.





Dilbert by Scott Adams

Being aware of phishing attempts is only part of having good judgement. The MSRC delves into the details of the 10 Immutable Laws of Security, which are summarized below.

The 10 Immutable Laws Summary

  • Law #1: If a bad guy can persuade you to run his program on your computer, it's not solely your computer anymore.
  • Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore.
  • Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
  • Law #4: If you allow a bad guy to run active content in your website, it's not your website any more.
  • Law #5: Weak passwords trump strong security.
  • Law #6: A computer is only as secure as the administrator is trustworthy.
  • Law #7: Encrypted data is only as secure as its decryption key.
  • Law #8: An out-of-date antimalware scanner is only marginally better than no scanner at all.
  • Law #9: Absolute anonymity isn't practically achievable, online or offline.
  • Law #10: Technology is not a panacea.

Learn how using sound judgement will help to improve the security of your computer in the Ten Immutable Laws Of Security.



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

