Harry Waldron - Corporate Security News

Users who address these 10 key security principles will enjoy a more protective home or office environment.  Computer security is only as strong as it's weakest link and a comprehensive plan of protection is always needed.   

Microsoft gleans top 10 basic security errors from help desk calls
http://www.microsoft.com/technet/archive/community/columns/security/essays/10imlaws.mspx?mfr=true

QUOTE: Here at the Microsoft Security Response Center, we investigate thousands of security reports every year. In some cases, we find that a report describes a bona fide security vulnerability resulting from a flaw in one of our products; when this happens, we develop a patch as quickly as possible to correct the error. (See "A Tour of the Microsoft Security Response Center"). In other cases, the reported problems simply result from a mistake someone made in using the product. But many fall in between. They discuss real security problems, but the problems don't result from product flaws. Over the years, we've developed a list of issues like these, that we call the 10 Immutable Laws of Security.

	Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore
	Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore
	Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore
	Law #4: If you allow a bad guy to upload programs to your website, it's not your website any more
	Law #5: Weak passwords trump strong security
	Law #6: A computer is only as secure as the administrator is trustworthy
	Law #7: Encrypted data is only as secure as the decryption key
	Law #8: An out of date virus scanner is only marginally better than no virus scanner at all
	Law #9: Absolute anonymity isn't practical, in real life or on the Web
	Law #10: Technology is not a panacea