And yet many of us have a false sense of security about our own data and networks. We install a firewall at the perimeter, put anti-virus and anti-spyware tools on our desktops, and use encryption to send and store data. Microsoft and the big security companies provide ever-improving tools and patches to protect us. Although others who are less careful might be at risk, we're safe, right?
Myth #1: Encryption guarantees protection
Encrypting your data is an important component of data protection, but it's not infallible. Jon Orbeton, senior security researcher with Zone Labs, which makes ZoneAlarm firewall software, is a proponent of encryption, but he warns that sniffers are getting more refined and can intercept SSL and SSH transactions and grab the data after it's encrypted. While encryption helps protect the captured data from being read, encryption standards do have several points of vulnerability that can be exploited by a determined hacker armed with the right tools. "Hackers are finding ways to circumvent the security mechanisms," Orbeton said.
The link for this article located at Security Pipeline is no longer available.