Sometimes a user initiates a security breach through a lack of understanding. For example, an uneducated user with administrative rights on a Windows NT system can easily remove or change critical settings, resulting in an unusable system. Having too much trust combined with a lack of understanding can be equally dangerous. It is not uncommon for an administrator to open up their whole network to someone when access to a single machine is all that is required. A poorly trained administrator of a firewall can easily open connectivity to the point that the firewall becomes ineffective. Another possibility is that a temporary firewall opening becomes a permanent opening because there are no procedures in place to ensure that temporary openings are closed after the need for them has been removed. Although a good security policy can help prevent these examples, some security breaches occur without any malicious intent.
Was this article helpful?