It looks like ChoicePoint was fined $275,000 by the Federal Trade Commission for a data breach they suffered back in 2008. The really embarassing thing about this data breach and one of the reasons for the fine, was that they had implemented a comprehensive security program required by the FTC after a similar data breach in 2004.  The reason why a hacker was able to gain access to the data despite the security program was because ChoicePoint had turned off the security tool they had monitoring the database that was accessed. This points to a chronic problem that security software vendors have to deal with.  That is if the security software interferes with regular business processes or slows down the way people do their jobs, it is more likely to be disabled or bypassed by the people it is meant to protect. Security software must do its job invisibly for people to want to use it.
[...] This post was Twitted by PCSecurityNews [...]
Social comments and analytics for this post…
This post was mentioned on Twitter by PCSecurityNews: RT @zecurion: What good is a security tool that you don’t use? http://bit.ly/2oQHTo…
Social comments and analytics for this post…
This post was mentioned on Twitter by zecurion: What good is a security tool that you don’t use? http://bit.ly/2oQHTo…
[...] This post was Twitted by zecurion [...]
I’ve seen this happen time and again from the banal practice of leaving a secured door ajar for convenience to completely disabling an important security measure. There is a penalt that has to be paid for having a security measure in force. The idea is that the penalty must be minimized. Imagine the police officer who says he won’t wear a kevlar veste because it is too hot. You have to weigh the consequences.
Brian Cockerton
Barracuda Security Devices International
Thanks for a good article.
Sadly in some small and medium sized companies the antivirus software is not password protected.
So users can turn off the real time protection.
I advise that the security software always is password protected – ofcause with a password that only the administrator knows.
The same applies to Windows firewall. This should be protected from being turned off by the users – with a Group Policy if possible.
System administrators knows it and so must the users.. turning off security for convenience is an absolutl NO-GO.
John Nielsen
Nielco IT
as good as a talent that you do not use… anyway… it is important to have tools, but to have them up to date is constantly important. Specially nowdays with this intricate design that we have performed called the Web, we are exposed, more than never to a NewWorld where imagination can create the most amazing features, so why not having your Antivirus Up to Date, and having a GoodAntivirus… You never now what these guys gonna come with!