A lot of these extra modems aren't covered by the company firewall, and in fact IT may not even realize they exist. In a lot of cases, the user can simply plug the modem into the telephone system and make a direct connection to the Internet - with all the danger that implies. Monitoring and maintenance modems are typically controlled by the vendor supplying the equipment, and you're relying on that company to make sure the security software is up to date.

While some modems may be necessary, especially for remote maintenance, it's important to have a complete inventory of all the modems attached to the network and to make sure the ones that are attached are both necessary and properly protected.

9.Unauthorized or Unsecured Synchronization Software. Laptops, PDAs and even phones use synchronization software to keep everything updated, from calendars to contact lists. This is convenient, especially when combined with technologies like Wi-Fi or Bluetooth. However, allowing any device to synchronize can open a serious security hole, especially since many of these programs work in the background and the user may not be aware of what is being uploaded and downloaded. At the very least, this can give access to shared folders and Exchange server.

10.Wireless Connectivity. According to In-Stat and Gartner Group, something like 95 percent of all laptop computers now come with built-in wireless access. In spite of the lessons of TJX's massive loss of customer information, and the resulting dropping stock price and $US12 million charge, some enterprises still haven't secured all their endpoints with wireless connectivity.