Things You Should Never Assume When it Comes to Network Security

Last week, Josh Karp wrote a blog on 5 Assumptions Security Admins Should Never Make. We asked for your feedback and we received great response! In no particular order here’s a list of other “bad” network security assumptions.

• The security systems we have are good enough.
• Our security architecture is so complex no attacker will be able to get into our network.
• We only REALLY need to worry about inbound firewall policies. The danger is out there! (not in the network).
• We’re up to date on patching our vulnerabilities so we are in the clear.
• The firewall configuration is secure because it’s managed by an outside firm.
• If no one is screaming about an outage or a virus then everything is hunky dory.
• Network operations and application owners understand security.
• Security is more important than business operations.
• The security processes we have are good enough – they are written down on paper.
• Employees will follow most if not all of the security policies.
• It’s much more secure if we virtualize it.

If you have other suggestions to add, please send them to us!