| Types of flaws | Recommended solutions |
| Authorization to use personal IT tools in the company network. | Set up mechanisms to restrict and control the use of these tools (GPO etc…) and encourage user awareness. |
| Lack of intrusion detection mechanisms. | Deploy hardware or software solutions for detecting and preventing intrusions. |
| Failure to change computer and digital equipment in general within a reasonable time.. | Avoid obsolete equipment by replacing it frequently (updating). |
| The non-implementation of penetration testing periodically.. | Encourage, include in the security policy, and conduct periodic penetration tests to detect vulnerabilities in the company. |
| Using non-genuine operating system. | Use licensed operating systems (in accordance with Microsoft). |
| Use of outdated operating system. | Use operating systems whose technical support is still valid with Microsoft. |
| Lack of recurrent training for IT professionals. | Set up in the security policy a continuous and periodic training plan. |