You are here: Blog Josh Coppage Think Microsoft Will Extend Windows 10 Support? Think Again

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Avoiding Cybersecurity Placebos in Your Business

Voyage Technology Blog Security
0 Comments
Avoiding Cybersecurity Placebos in Your Business

When it comes to your business, especially its technology, some of the buzzwords you hear floating around can be pretty convincing, almost intoxicating. Unfortunately, like most buzzwords, many of these are aggrandized beyond their worth to the average small-to-medium-sized business. Let’s take a look at how this can impact a business’ perception of its cybersecurity, as well as dig into the reality behind these terms.

To begin, let’s examine a phrase coined in the early 2000s by cybersecurity technologist Bruce Schneier: “security theater.”

What is “Security Theater?”

Security theater is a simple shorthand for any security efforts put in place that do little to better ensure one’s security, despite making one much more comfortable, generally for some considerable cost. The idea behind it is that security exists as both a reality based in math and science, and as a perception that is based in emotion.

In a 2007 blog article, Schneier cited a personal anecdote where a friend’s newborn was fitted with an RFID tag to help prevent infant abduction during their stay in the maternity ward. However, the rates of infant abduction were astoundingly low at that point. In his blog post, Schneier posits that these bracelets were a form of security theater, meant more to placate the parents when their bundle of joy was out of sight than it was to help prevent the rare case of infant abduction.

While security theater may have perceived benefits, Schneier says, the true concerns come with the costs that are associated with it.

Let’s return to his example of the tracking tags on newborns. With such a low rate of infant abduction, there was realistically little-to-no practical risk of someone’s child being abducted from the hospital. However, as the low-cost RFID bracelets allowed parents to breathe a little easier when their baby wasn’t in the room with them, hospitals found this investment to be worthwhile. Another example that Schneier gives is the introduction of tamper-resistant packaging on over-the-counter drugs in the 1980s. With poisonings getting some significant coverage by the press in this era, the idea that medications would be tampered with was relieved.

It didn’t matter that the statistical likelihood of a drug being altered was negligible, or even that the tamper-resistant packaging wasn’t all that effective anyways. The theater of the tamper-resistant packaging that companies would use helped align the perceived threat with the practical odds.

The Trade-Offs

However, there is a point at which security theater can become detrimental: when the investment (real or perceived) into your security is generating negative returns—or in other words, when your security measures are actually making you less secure. One glaring example from recent years is the 2013 hack into Target, where numerous security teams dropped the ball as numerous failsafe notifications and procedures were ignored. Let’s go into how you might be “overacting,” so to speak, when it comes to some of the security theater you have in your office.

Excessive Password Updates

Forcing your employees to update their passwords each month has long been established as a counterproductive security measure, as this will only encourage them to adopt other behaviors that will directly undermine your resiliency. Perhaps these passwords will become embarrassingly predictable, or your users will resort to writing them down somewhere to keep track of them all. Instead, use other methods of reinforcing your business security, such as multi-factor authentication (MFA) or single sign-on solutions, paired with a more moderate password policy.

That said, we’re not advocating never changing passwords, but the bad habits it causes are much worse than what mandatory password changes do for the greater good.

Alert Overload

A never-ending barrage of security notifications can have a few negative repercussions on your users. Naturally, their workflows will suffer from consistent interruptions, but there is also the fact that these notifications will eventually be tuned out. As a result, if a real issue does eventually present itself, it is more likely to be ignored. An MSP’s services can help to separate the wheat from the chaff, preventing your users from encountering interruption in most cases.

Lacking User Awareness

Think back for a second: when you last had a cybersecurity training session for your users, what was the general format? Was it primarily a lecture, or were your employees involved and engaged in the process? When was your last training initiative? Many companies figure that these seminar-style sessions serve their purpose, but the more effective means of instilling good cybersecurity training is through shorter, more frequent, and (most importantly) more interactive efforts.

Voyage Technology has the tools and resources that can help you to better ensure your security efforts are contributing to your practical security. To find out more about the solutions that we can assist you with, reach out to our team by calling 800.618.9844 today.

Tweet
Tags:
Security Business Computing Cybersecurity
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, 25 April 2025

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Business Computing Data Productivity Business Software Innovation Hackers Cloud User Tips Network Security Internet Hardware Efficiency IT Support Malware Privacy Google Email Phishing Workplace Tips Computer IT Services Users Collaboration Hosted Solutions Mobile Device Ransomware Quick Tips Workplace Strategy Microsoft Cybersecurity Small Business Passwords Data Backup Communication Smartphone Backup Saving Money Android VoIP Business Management Smartphones Mobile Devices communications Upgrade Managed Service Disaster Recovery Data Recovery Browser Social Media Managed IT Services Microsoft Office Windows Tech Term Remote Network Internet of Things Current Events Productivity Artificial Intelligence Facebook Automation Cloud Computing Covid-19 Gadgets Server AI Managed Service Provider Remote Work Miscellaneous Outsourced IT Information Holiday Spam Employee/Employer Relationship Encryption Compliance Office Windows 10 Government Business Continuity Training Data Management Wi-Fi Blockchain Bandwidth Windows 10 Business Technology Virtualization Apps Data Security Two-factor Authentication Mobile Office Employer-Employee Relationship Networking Chrome BYOD Mobile Device Management Vendor Budget Gmail Apple App Managed Services Voice over Internet Protocol Computing Information Technology How To Hacker BDR Avoiding Downtime Office 365 IT Support Marketing Applications Access Control WiFi Tip of the week Conferencing Operating System Healthcare Risk Management Managed IT Services Computers Office Tips Analytics Website Augmented Reality HIPAA Router Storage Password Virtual Private Network Bring Your Own Device Health Help Desk Big Data Retail Telephone Cybercrime Scam Data loss Customer Service Cooperation Free Resource Project Management Windows 7 Patch Management Save Money Microsoft 365 Remote Monitoring Vulnerability End of Support Vendor Management Solutions Physical Security Firewall Display Printer Paperless Office Windows 11 Infrastructure 2FA The Internet of Things Monitoring Excel Going Green Document Management Social Remote Workers Maintenance Content Filtering Customer Relationship Management Antivirus Downloads YouTube iPhone Licensing Cryptocurrency Entertainment Hacking Vulnerabilities Data Privacy Presentation Images 101 Virtual Desktop Data storage LiFi Wireless Technology Telephone System Multi-Factor Authentication Robot Mobility Cost Management Outlook Money Word Humor IT Management VPN Employees Meetings Integration User Tip Sports Modem Mouse Processor Computer Repair Mobile Security Safety Holidays Administration Data Storage Smart Technology Supply Chain Video Conferencing Machine Learning Managed Services Provider Saving Time Virtual Machines Professional Services Settings Printing Wireless Managed IT Service Twitter Alerts SQL Server Technology Care Hosted Solution Download Net Neutrality Financial Data Error History Business Communications Typing Browsers Smartwatch Connectivity IT Social Engineering Break Fix Scams Remote Computing Azure Hybrid Work Google Drive Competition Upload Procurement Knowledge Social Network Telework Cyber security Multi-Factor Security Tech Human Resources CES Tablet IoT Communitications 5G Dark Web Cables Alert Google Docs Unified Communications Trends Supply Chain Management Experience Bitcoin Managed IT Customer Resource management FinTech Running Cable User File Sharing Regulations Dark Data Google Calendar Term Google Apps Google Wallet Data Analysis Star Wars IT Assessment How To Microsoft Excel IT Maintenance Notifications Staff Value Business Intelligence Gamification Flexibility Windows 8 IP Address Organization Laptop Travel Social Networking Legislation Shortcuts Drones Techology Fileless Malware Digital Security Cameras Google Maps Smart Devices Ransmoware Wearable Technology Memory Vendors Content Remote Working Health IT Halloween Recovery Unified Threat Management Motherboard Data Breach Comparison Google Play Be Proactive Unified Threat Management Directions Videos Hard Drives Assessment Electronic Health Records Permissions Workforce Wasting Time Threats Domains Hacks Scary Stories Trend Micro Network Congestion Specifications Security Cameras Workplace Strategies User Error Microchip Refrigeration Internet Exlporer Software as a Service Fun Fraud Meta Managing Costs Amazon Deep Learning Public Speaking Username Lithium-ion battery Point of Sale eCommerce Black Friday SSID Education Database Surveillance Entrepreneur Virtual Assistant Outsource IT Tech Support IT Technicians Virtual Machine Environment Media Network Management Mobile Computing Proxy Server Reviews Cookies Monitors Cyber Monday Medical IT Undo Tactics Development Search Hotspot Transportation Small Businesses Websites Mirgation Hypervisor Displays Best Practice Shopping Buisness Nanotechnology Optimization PowerPoint Legal SharePoint IT solutions Addiction Electronic Medical Records Language Employer/Employee Relationships Outsourcing Chatbots Navigation Business Growth Management PCI DSS Lenovo Gig Economy Application Screen Reader Writing Distributed Denial of Service Workplace Service Level Agreement Internet Service Provider Cortana Virtual Reality Computing Infrastructure Teamwork Hiring/Firing IBM Server Management Regulations Compliance Private Cloud Identity Evernote Paperless Alt Codes Superfish Bookmark Downtime Identity Theft Smart Tech Memes Co-managed IT

Blog Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015