Secure Internet Practices: Best Practices for Securing Systems in the Internet and e-Business Age

Author: Patrick McBride, Jody Patilla, Craig Robinson, Peter Thermos, Edward P. Moser
List Price: $59.95
ISBN: 0849312396
Publisher: Auerbach Pub (10 September, 2001)
Sales Rank: 588,701
Average Customer Rating: 4 out of 5

Customer Reviews

Rating: 5 out of 5
Comprehensive
Any manager who lets his technical people build a security program without the rational kind of road map this book offers is asking to be "owned", that is, to be hacked, his Web site defaced, his firm's data trashed. Never, never wade into the muddy waters of cybersecurity without a good plan.

This book is that plan: risk formulas, the nature of the threats, key tenets of a security program, key steps in constructing one, important policies to have, key steps in formulating a policy, key goals in information security, kinds of architecture to consider, kinds of infrastructure that underlie the program, steps in the life cycle for developing a secure system.

Talk about comprehensive. A great way to introduce yourself to security from a high level view or to start building security for your organization.


Rating: 4 out of 5
Great book for techies, managers, and execs!
I especially like this book because it gives the IT shop and the security professionals lots of ammunition for getting funding and support from the "business" side of the business. Too often, the business executives don't understand the technology in question, and therefore do not comprehend the extent of the threat to the enterprise. Because this book is written for a "high level" business audience, among others, it presents issues like risk assessment and extent of the threat in ways the average businessman can understand. It even has sections like "Gaining Support" meant to help IT get management and funding on its side, without which the most carefully thought out plan isn't going anywhere, given that it's the executives who have the clout to make things happen in an organization!


Rating: 5 out of 5
Just what the doctor ordered
Just what the doctor ordered. Finally a clear road map for setting up computer security at a corporation.

Lots of organizations are clueless about what is needed to set up an effective defense against hackers. This book provides the clues, in a clear, jargon-free, and easy-to-understand manner. It lays it all out step by step.

It sketches the nature of the threat hackers pose. Then it tells you, phase by phase, how to put together a security program. It lays out a so-called Policy Framework on which to hang your secure password policy, incident response policy, asset management, vulnerability assessment policy, you name it, along with the technical procedures - tightening up UNIX, getting software patches for Windows XP, etc. - that flesh out the policies. A formula for figuring out risk is offered. There's lots of useful stuff on how computer architecture fits in with security, and how life cycle development should incorporate security into it.

There actually can be a rhyme and a reason to formulating security policies, and this book lays it out.


