Common Security Violations

Because no computer is completely secure, a computer facility is only as secure as the people who use it. Most actions that violate security are easily resolved by careful users or additional equipment. However, the following list gives examples of problems that can occur:

• Users give passwords to other individuals who should not have access to the system.

• Users write down passwords, and lose or leave the passwords in insecure locations.

• Users set their passwords to easily guessed words or easily guessed names.

• Users learn passwords by watching other users type a password.

• Unauthorized users remove, replace, or physically tamper with hardware.

• Users leave their systems unattended without locking the screen.

• Users change the permissions on a file to allow other users to read the file.

• Users change the labels on a file to allow other users to read the file.

• Users discard sensitive hardcopy documents without shredding them, or users leave sensitive hardcopy documents in insecure locations.

• Users leave access doors unlocked.

• Users lose their keys.

• Users do not lock up removable storage media.

• Computer screens are visible through exterior windows.

• Network cables are tapped.

• Electronic eavesdropping captures signals emitted from computer equipment.

• Power outages, surges, and spikes destroy data.

• Earthquakes, floods, tornadoes, hurricanes, and lightning destroy data.

• External electromagnetic radiation interference such as sun-spot activity scrambles files.