Welcome to this, the fifth edition of The ISO27000 Newsletter, designed to keep you abreast of news and developments with respect to ISO 17799 and information security.
The information contained is free to our subscribers and provides guidance on a range of practical issues, plus commentary on recent Information Security incidents.
In this issue we focus specifically on the dangers of security complacency with everyday devices and technology. Included are the following topics:
EXPOSURES? IT'S THE PEOPLE!
It was recently disclosed by one of Microsoft's executives how the company's top secret source code was accessed last year by a hacker. This particular incident resulted in worldwide concern about the security of networks.
Although Microsoft's security system is considered to be one of the best in the industry, hackers often target it. On this occasion, access was gained by the hacker because a member of staff, when configuring a server, left a password field blank.
Bob Herbold, Microsoft's retiring Executive VP said, "It's not the technology, folks, it's the people. When we trace them (the errors) back, it's always human error". This attack shows again how important basic protective features such as passwords are and that awareness education in respect of security procedures should be given to all users.