That's not a vote of confidence, actually. Why is security so hard?
Even security experts can't agree:
A Google-conducted survey of 231 infosec pros worldwide has reaffirmed the industry's faith in strong passwords, and achieved consensus about nothing else.
It's almost unfair to make fun of the study's title, “152 Simple Steps to Stay Safe Online: Security Advice for Non-Tech-Savvy Users”, because that's clearly an editorial slip-up (the document [PDF] also includes the note, “ED: Please provide section title”).
What's clear is that infosec types can't agree, on an industry-wide basis, on the content of anything like the Australian Signals Directorate's (ASD's) enterprise-focussed “Essential Eight” safety strategies.
Sigh. Not only is there no agreement, things are really all over the map:
Here, we pick out everything with more than 30 mentions:
Patch systems and software | 90 |
Use unique passwords | 68 |
Use strong passwords | 58 |
Use multifactor authentication | 36 |
Use antivirus software | 35 |
Use a password manager | 33 |
However, to Vulture South's eagle eye (sorry), it's depressing how many things we'd consider obvious lacked traction even among experts.
Don't open unexpected attachments | 19 |
Limit privileges (don't run as admin) | 12 |
Backup your data | 10 |
Don't trust open networks | 4 |
Lock all devices | 4 |
Don't use Java | 4 |
Only 10 experts said back up your data? Yikes.
This is why we can't have nice things on the Internet, folks.
You do have a point... And I DO back up...
So..........what security guidelines are in place for Castle Borepatch?
Joseph, I'm happy to give you a debrief. Just give the usual password at the Castle Borepatch drawbridge ...