InfoWorld - Security Adviser: Update your security lessons for end-users

/Home/Internet Security: Blogs/Internet Security: InfoWorld blog/InfoWorld: Security Adviser 2009

Yesterday's advice won't protect users from today's worms, viruses, and scams

By Roger A. Grimes
December 28, 2009

I'm still surprised by all the old computer security recommendations that so-called experts are pushing out to the masses. For example, a quarterly guidance document from a major security vendor contained the following two statements: "Don't open up file attachments from unknown people" and "Don't run unexpected executable software from Web sites you don't trust."

That's great advice -- from 10 or 15 years ago. I'm surprised the document didn't include a warning about accidentally booting from floppy disks in A: drive.

That's part of what is wrong with the computer security industry. When the bad guys change their tactics, most of the computer security industry needs a year or two to catch up.

Click the URL above to read the full article