MYTH: “I have virus protection software so I am already secure.”
FACT: Viruses and security threats are two completely different things. Your anti-virus software will not tell you about any of the more than 10 000 security threats for which a good vulnerability assessment will test your network. These include whether your financial or customer records are exposed to the Internet or whether your computer is vulnerable to various hacker attacks.
MYTH: “I have a firewall so I don't need to worry about security threats.”
FACT: Firewalls are great and typically provide a good layer of security. However, firewalls commonly perform services such as port forwarding or network address translation (NAT). It is also surprisingly common for firewalls to be accidentally misconfigured (after all, to err is human). The only way to be sure your network is really secure is to test it. Among the thousands of security threats a good analysis tests for, there is an entire category specifically for firewall vulnerabilities.
MYTH: “I have nothing to worry about; there are too many computers on the Internet.”
FACT: People understand the need to lock their homes, roll up their car windows, and guard their purses and wallets. Why? Because if you don't then sooner or later you will be a victim. But people are just starting to be aware that the same is true with their computers and networks. A single hacker can scan thousands of computers looking for ways to access your private information in the time it takes you to eat lunch.
MYTH: “I know the security of my network and information is important, but all the solutions are too expensive and/or time consuming.”
FACT: While it is true that some network security products and services are very expensive and time consuming, you can find good network analysis tools that are very robust, efficient and effective, yet still affordable.
MYTH: “I can't do anything about my network’s security because I’m not a technical wizard.”
FACT: While network security is a technical problem, a sound remote analysis report should provide a solution that is comprehensible to non-technical people and geeks alike. If it’s a true remote automated system you won’t have to download, install or configure anything. A good report will include a business analysis that explains technical issues in plain English with plenty of charts, graphs, and overviews to illustrate it. It must be easily comprehensible by non-technical business people and home users.
MYTH: “I know what is running on my computer and I am sure that it is secure.”
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.