G 0.31 Incorrect Use or Administration of Devices and Systems

Incorrect or improper use of devices, systems, and applications can compromise their security, especially when existing security measures are disregarded or circumvented. This frequently leads to disruptions or failures. Depending on which types of devices or systems are used incorrectly, the confidentiality and integrity of information can also be violated.

An especially important special case of incorrect use is incorrect administration. Errors in the installation, configuration, maintenance, and upkeep of hardware or software components can result in serious damage.

For example, overly generous assignment of rights, easily guessed passwords, insufficiently protected storage media containing backup copies, or terminals that are not locked during temporary absence can lead to security incidents.

Likewise, incorrect operation of IT systems or applications can also result in data being accidentally deleted or altered. This could also lead to confidential information being released to the public, for example if access rights are set incorrectly.

If power or network cables are laid unprotected, they can be unintentionally damaged, which can cause connections to fail. Device connection cables can be torn out if people trip over them.