We are often under the impression that our security is invincible since we are following certain security measures. For example we feel safe when –

• Security software is installed. Check.
• Passwords are changed on a regular basis. Check.
• The IT department is in place for security control. Check.
• Only websites with SSL are chosen for making online transactions. Check.

Sad but true, these security measures are nothing but most common security misconceptions. Even though you might affirm yourself repeatedly that you are not vulnerable to cyber security threats, but you could be. Such security practices cannot ensure absolute security. There are many more security misconceptions and myths that you need to know about. Here we have uncovered most common security misconceptions that lead users to dangerous security leaks, unbeknown to them. Let’s debunk these myths, get facts straight to become extra alert of silent cyber threats.

Misconception #1: I am using Mac systems – I am safe

Most Mac users believe their systems are immune to security flaws and threats. Though Mac-based systems are less prone to security breaches than Windows-based systems; they are not fool proof. Mac has been exposed to severe malware threats that compromised many systems; some of the notorious malware that breached Mac systems include Mac Defender malware, ‘Kyle and Stan’ group of mutating malware attacks, "Backdoor.OSX.SabPub.a" Trojan, LuckyCat” attack, WireLurker virus among others. Similar security misconceptions also cloud LINUX users who could be unaware of Shellshock bug which compromised LINUX computers around the world; however, it did not target Windows-based PCs.  

Misconception #2: I keep changing password repeatedly – my passwords are hard to crack

Automatic password expiration and reset is an age-old security misconception, yet are heavily relied upon. Moreover, administrators may imply password expiration on ordinary users, but not on privileged users. Hence, privileged users have to manually change their credentials; this lead professionals missing password reset schedule. Hence, the task of changing password becomes burdensome to follow meticulously, given the number of services privileged customers are using and subscribing to. Another complexity linked to password change practice is that they need to turn off or restart their computers to enable changes to take effect. Hence, with a limited number of people following regular password change cannot secure the entire or prevent password breaches.  

Misconception #3: My data is encrypted and far from getting leaked

Too much of dependence on a single security measure leaves many organizations partially vulnerable to security breaches they are mostly unaware of. One such widely adopted security measure is use is data encryption. Encryption is a highly-effective security practice, but it has limitations too. Some security experts suggest that data encryption may harm the network if wrongly implemented and pointed it as another major security misconception. Organizations must blend in other security practices along with data encryption such as access control, data loss protection, backup and restore, activity monitoring among other.    

Misconception #4: With an antivirus in place my data is secure from attacks

Many users blindly trust upon antivirus software as they believthat all malicious activities will solely be handled by the software. Unfortunately, security experts warn that that no antivirus can prevent hackers from cracking passwords, non-traditional phishing attacks, and some adware or backdoor Trojan programs that hide inside online downloads and chat messages. That’s why you need firewall, an automated update management software, encryption software, data loss prevention software, password manager software in addition to antivirus on systems.

P.S. Many new malware attacks are aimed at cloud services, mobile devices and social networking channels than computer desktop. By using these services or syncing with those devices, your computer becomes exposed to those threats that an ordinary antivirus cannot detect and treat eventually.   

Misconception #5: I don’t open attachments from unknown email, my inbox is safe

Do you think your computer is safe because you do not open unknown mail or email attachments? This is another common security misconception which is clouding your mind. Even emails from your contacts can contain and inject a virus in your PC. Hackers often take control of an email account to impersonate and spread virus to the contacts associated to that email account. They generate and send bulk mails to the contacts to spread virus on a massive level, on a wide range of network. Moreover, many malware programs are designed to hide inside work files so that they can flow through from one computer to another while they are shared via email.

When you clear these security misconceptions and start following a meticulous, security habit, you will be more alert to toxic security breaches. Having antivirus software on a computer will not secure your machine or network, you or all employees in case of a business, need to adhere to security practices, by paying heed to all probable scopes of vulnerabilities and security protection.