Like cleaning the windows, IT security can be a thankless task because they only notice when you don't do it. But to get the job done in the era of virtualization, smartphones and cloud computing, you've got to avoid technical and political mistakes. In particular, here are five security mistakes to avoid:
1. Thinking that the business mindset of the organization is the same as five years ago. It's not.
2. Failing to build working relationships with IT and upper-level managers.
3. Not understanding that virtualization has pulled the rug out from under everyone's security footing.
4. Not preparing for a data breach - the nightmare scenario in which sensitive data is either stolen or accidentally leaked.
5. Complacency with IT security vendors. The danger in any vendor relationship is forgetting how to look at products and services with a critical eye, particularly in terms of sizing up what they have in relation to their competition or finding new approaches to basic problems of authentication and authorization, vulnerability assessment and malware protection.
