I was recently reminded while troubleshooting a friend’s small business network of where most computer systems’ real security weaknesses lie. Where do you think it is? The desktop operating system, which was Windows XP SP3? The server operating systems, which were Windows Server 2003 SP2 and Novell’s SLES (SUSE Linux Enterprise Server) 11 SP1? Or, the Sonicwall TZ 210 firewall appliance?
The answer was, of course, none of the above. The weakest spot on your network is never your operating systems, your hardware, your applications, your security software or any of the rest of the technical side. The weakest link is always you and your people.
Whether it’s something as simple as that old stand-by of users putting a password on a yellow sticky note on their monitor or someone tricking their way into your office with a fake ID, your real security problem is the people sitting between their keyboards and their displays.