August 2005 Newsletter

Immutable Laws of Security

By:

Security might be this year's buzzword. Homeland security, job security, financial security, home security. At least HIPAA security is done, right? Not quite.

The sobering fact is that security is not a product to install once, but rather a collection of attitudes and habits to maintain. Just as you must lock the door every time you leave, similar habits are necessary to keep your computer safe.

Security is such a universal and underestimated issue that Microsoft published 10 Immutable Laws of Security for computers. Here are some of those laws (paraphrased) to apply to your situation:

1. Think twice before running or opening something you receive.

At home, you wouldn't open a mail package if it were ticking. At your computer, don't open e-mail attachments you weren't already expecting, even if you do recognize the sender's name. If your computer pops up a security warning, read it.

2. Be careful of who has access to your system.

At home, you wouldn't encourage your kids to leave doors and windows ajar. At your computer, teach your new employees good security habits. Include security in your employee termination procedures. Don't share passwords; keep your accounts secure for when once-trusted co-workers leave.

3. Protect your passwords.

At home, you wouldn't leave the keys under your doormat. At your computer, don't write down your password and leave it around your desk. Pick a good password. Put a reminder in your calendar to change passwords every three months or so.

4. Only let people you really trust set up your system.

At home, you wouldn't invite in someone asking to see your gas meter if they wore Bermuda shorts and a beach hat. At your computer, decline technical help from organizations and people who don't understand how important security is to your office. Only hire reputable Internet service providers (ISPs), billers, clearinghouses, and computer technicians.

5. Keep up-to-date on security threats.

At home, you wouldn't skip a news story warning of a crime spree in your neighborhood. At your computer, educate yourself about threats. Keep your security software up to date too: anti-virus definitions, anti-spyware software, and operating system (Microsoft Windows®) patches. Review the HIPAA security technical, administrative and physical safeguards annually or so, to see if you're staying compliant as your office grows.

6. Realize that your stuff is valuable.

At home, you wouldn't leave your humble house unlocked just because it's next door to an ironclad bank. At your computer, don't be lax about security just because your computer doesn't have lots of credit card numbers for the taking. Hackers know that personal computers, which are less likely to be secured, are easier targets. Your unsecured computer can be implicated as part of more serious crimes.

7. Don't expect computers to protect you by themselves.

At home, you wouldn't buy an alarm system without learning how to use it. At your computer, technology is also not a panacea. Security is not what you use, but what you do with it.
 

©2008 Quadax