Security breaches can be very costly, but not all such breaches are the result of actual errors in software. Many security breaches are a result of mismanagement or mistakes in security policy administration. Some of the consequences of administrative mistakes are
Unintended side effects of security policy changes allow unsafe code to run, which can lead to the loss of files or the theft of information.
Security policy has been too strongly tightened, preventing legitimate applications from running properly and, therefore, causing severe productivity loss.
Before dashing to make any security policy changes, you should carefully consider the following questions and heuristics. ...