Securing corporate resources and data in the workplace is everyone's responsibility. Corporate IT security strategies are only as good as the employee's awareness of his or her role in maintaining that strategy. This book presents the risks, responsibilities, and liabilities (known and unknown) of which every employee should be aware, as well as simple protective steps to keep corporate data and systems secure. Inside this easy-to-follow guide, you'll find 20 lessons you can use to ensure that you are doing your part to protect corporate systems and privileged data.The topics covered include: Phishing and spyware; Identity theft; Workplace access; Passwords viruses and malware'; Remote access; E-mail; Web surfing and Internet use; Instant messaging; Personal firewalls and patches; Hand-held devices; Data backup; Management of sensitive information; Social engineering tactics; and, Use of corporate resources. Ben Rothke, CISSP, CISM, is a New York City-based senior security consultant with ThruPoint, Inc. He has more than 15 years of industry experience in the area of information systems security and privacy.
Computer Security
and over one million other books are available for Amazon Kindle. Learn more
| ||||||||||||||||||
Book Description
Product Details
Would you like to update product info or give feedback on images?
|
Product Description
From the Back Cover
Securing corporate resources and data in the workplace is everyone’s responsibility. Corporate IT security strategies are only as good as the employee’s awareness of his or her role in maintaining that strategy. This book presents the risks, responsibilities, and liabilities (known and unknown) of which every employee should be aware, as well as simple protective steps to keep corporate data and systems secure. Inside this easy-to-follow guide, you’ll find 20 lessons you can use to ensure that you are doing your part to protect corporate systems and privileged data. The topics covered include:
- Phishing and spyware
- Identity theft
- Workplace access
- Passwords
- Viruses and malware
- Remote access
- Web surfing and Internet use
- Instant messaging
- Personal firewalls and patches
- Hand-held devices
- Data backup
- Management of sensitive information
- Social engineering tactics
- Use of corporate resources
Ben Rothke, CISSP, CISM, is a New York City-based senior security consultant with ThruPoint, Inc. He has more than 15 years of industry experi¬ence in the area of information systems security and privacy.
About the Author
Biography of Ben Rothke Ben Rothke, CISSP is a New York City based senior security consultant with ThruPoint, Inc. and has more than 15 years of industry experience in the area of information systems security. His areas of expertise are in PKI, HIPAA, 21 CFR Part 11, design & implementation of systems security, encryption, firewall configuration & review, cryptography and security policy development. Prior to joining ThruPoint, Ben was with Baltimore Technologies, Ernst & Young, and Citicorp, and has provided security solutions to many Fortune 500 companies. Ben is also the lead mentor in the ThruPoint, Inc. CISSP preparation program, preparing security professionals to take the rigorous CISSP examination. Ben has written numerous articles for such computer periodicals as the Journal of Information Systems Security, PC Week, Network World, Information Security, Secure Computing, Information Security Magazine, Windows NT Magazine, InfoWorld & the Computer Security Institute Journal. Ben writes for Unix Review and Security Management and is a former columnist for Information Security and Solutions Integrator magazine; and also is a frequent speaker at industry conferences. While not busy making corporate America a more secure place, Ben enjoys spending time with his family, and is preparing to run in the 2003 Marine Corps Marathon for the Leukemia & Lymphoma Society’s Team In Training, the world's largest endurance sports training program Ben is a Certified Information Systems Security Professional (CISSP) & Certified Confidentiality Officer (CCO), and a member of HTCIA, ISSA, ICSA, IEEE, ASIS & CSI.
Inside This Book
(Learn More)
Customer Reviews
Most helpful customer reviews
Format:Paperback
Having served as the person in our firm with the most paranoia about computer security, I have been constantly struck by how careless people can be in this area. It's as though computer security can be assumed to be in place . . . rather than being something that needs to be encouraged, nurtured and observed.
While I often read technical manuals on computer security to catch up with the latest, none of those manuals could hope to attract a full reading by anyone who has ever worked for me.
I was delighted to find that the Second Edition of Computer Security: 20 Things Every Employee Should Know has everything in it that I hope all my employees will remember to do.
The book is brief, it's accurate and it's easy to understand.
If you follow Mr. Rothke's advice, most major problems will be avoided.
The book opens by explaining about phishing and spyware by explaining what they are and why an employee should want to avoid them. Here's the advice:
1. Don't reply or click on links asking for personal or financial information.
2. Don't download programs from companies you don't know.
3. Keep your computer secure with pop-up blockers, a fire wall, and anti-virus and anti-spyware software.
I particularly liked the non-technical advice such as the one on avoiding identity theft.
The book also has little case studies of what can go wrong. One of my favorites was an employee who wanted to go home and let a new employee use his security access card so she could keep working.
Where there is a technical element, Mr. Rothke keeps that simple. For instance, protection by having a password that contains both numerals and letters is explained in terms of the new programs that can be used to check standard English words and names in a few minutes.
There are also useful hints that are unrelated to being an employee such as being aware that your company may be tracking your usage. Do you really want people to know all about your personal habits? If not, don't pursue them at work or on a company device?
For more complicated situations, Mr. Rothke explains when to go for help from the company's IT security team. Many people don't realize they can make things worse by trying to fix problems themselves.
Nice going, Mr. Rothke!
While I often read technical manuals on computer security to catch up with the latest, none of those manuals could hope to attract a full reading by anyone who has ever worked for me.
I was delighted to find that the Second Edition of Computer Security: 20 Things Every Employee Should Know has everything in it that I hope all my employees will remember to do.
The book is brief, it's accurate and it's easy to understand.
If you follow Mr. Rothke's advice, most major problems will be avoided.
The book opens by explaining about phishing and spyware by explaining what they are and why an employee should want to avoid them. Here's the advice:
1. Don't reply or click on links asking for personal or financial information.
2. Don't download programs from companies you don't know.
3. Keep your computer secure with pop-up blockers, a fire wall, and anti-virus and anti-spyware software.
I particularly liked the non-technical advice such as the one on avoiding identity theft.
The book also has little case studies of what can go wrong. One of my favorites was an employee who wanted to go home and let a new employee use his security access card so she could keep working.
Where there is a technical element, Mr. Rothke keeps that simple. For instance, protection by having a password that contains both numerals and letters is explained in terms of the new programs that can be used to check standard English words and names in a few minutes.
There are also useful hints that are unrelated to being an employee such as being aware that your company may be tracking your usage. Do you really want people to know all about your personal habits? If not, don't pursue them at work or on a company device?
For more complicated situations, Mr. Rothke explains when to go for help from the company's IT security team. Many people don't realize they can make things worse by trying to fix problems themselves.
Nice going, Mr. Rothke!
By Brent Huston
Format:Paperback
This pamphlet sized book is a great training platform for keeping awareness up to par in your organization. It provides a baseline security reminder for 20 of the most key aspects of information security initiatives in an enterprise. This would be a useful aid in a classroom security review program or awareness training course. The points are simple and well written and apply to all users of a network environment.
Format:Paperback
It is easy for end-user (i.e. employees) to understand some real-life security problems and the author will provide practical tips and solutions for every topic.
It is an excellent source to reference so as to provide a security awareness training indeed. It is because we should keep something simple. Even we could sella company to purchase this book for their employees. Light-weight and simple but not simplistic handbook is useful for people to understand their positions and roles as well as relevant response and action. in security-related issues.
It is an excellent source to reference so as to provide a security awareness training indeed. It is because we should keep something simple. Even we could sella company to purchase this book for their employees. Light-weight and simple but not simplistic handbook is useful for people to understand their positions and roles as well as relevant response and action. in security-related issues.
Want to see more reviews on this item?
›
Go to Amazon.com to see all 23 reviews
4.7 out of 5 stars
Most recent customer reviews
5.0 out of 5 stars
An excellent end-user book
It is easy for end-user (i.e. employees) to understand some real-life security problems and the author will provide practical tips and solutions for every topic. Read more
Published on Jan 12 2004 by Anthony LAI, CISSP
5.0 out of 5 stars
Rothke's book is a superb addition to any security awareness
At 51 pages, this title is little more than a pamphlet compared with most IT security books. But here, brevity is a virtue, and I don't expect this slim volume to spend much time... Read more
Published on Dec 15 2003
5.0 out of 5 stars
Computer Security: 20 Things Every Employee Should Know
According to a recent InformationWeek study, 67 percent of U.S. companies say raising user awareness of computer security is a crucial priority for the next year. Read more
Published on Nov 21 2003 by Bill Camarda
5.0 out of 5 stars
A *must* for Iall computer users!
How can you educate non-tech personnel on computer security? Buy them this book. It's brief and clear enough for even the most clueless end user to understand! Read more
Published on Oct 13 2003 by Joy
4.0 out of 5 stars
Ideal for a handbook in computer security for all employees
If a company wishes to survive in the current environment where predators of all types are everywhere, then they must protect their assets. Read more
Published on Oct 9 2003 by Charles Ashbacher
4.0 out of 5 stars
Straight to the point book for every end user
This is a very straight to the point book for every end user.
The book is but 20 two-page chapters, but covers nearly everything a bout security about what every end user needs... Read more
Published on Sep 18 2003 by Eric Kent
4.0 out of 5 stars
Great for non-security folks
This little brochure packs a lot of good advice for end-users and non-security managers. While those in the field of security will likely learn nothing new from the book, it will... Read more
Published on Sep 17 2003 by Dr Anton Chuvakin
5.0 out of 5 stars
A Great, Accessible Manual
Initially, at the time this review is being written, Amazon.com is still misattributing the authorship of this book to a "Samuele Ghelfi. Read more
Published on Sep 3 2003
Listmania!
Look for similar items by category
Feedback
Would you like to update product info or give feedback on images?
|
