The Internet Security Guidebook: From Planning to Deployment (The Korper & Ellis E-commerce Books) [Paperback]

The business opportunities of the Internet can seem overshadowed by the dangers, with news stories about hackers breaking into computer systems. Many of the attacks are known and any business wanting to go online can minimise the threat by taking precautions and creating a security policy covering not just the physical and network security elements but also the individual responsibilities of network users. Written by experienced security architects, The Internet Security Guidebook shows you how to protect your business, starting with a comprehensive security review.

There's a thorough section on passwords and password management. The useful overview of firewalls leads into an assessment form to help you define the type of firewall you need. There's a chapter on how to handle security incidents and a useful overview of cryptography and public key infrastructures before the book introduces secure networks and the tools you can use to reduce the risks to your company, including SSL.

Other security technologies covered include authentication tools and how to protect your e-mail system. The book is up to date--for example it covers the recent spate of VBScript e-mail worms--and it's thorough; it's written by people who know what they're doing.

This isn't a book for security engineers or experts; you won't learn how to configure a firewall. Instead it's aimed at IT directors and managers who need to ensure the security of their company. But if you're looking for tools to help you manage a risk analysis and plan a security policy this very useful book will help you get your company in shape for the Internet. --Penny Jannifer

"A practical guide with well presented explanations of both the technical and human sides of a particular aspect of computer security." --Book News, No. 7, 2001 "...a significant contribution to the body of literature in the field of information security..." --Information Security Bulletin, June 2001

The Internet Security Guidebook provides a complete analysis of an enterprise's Internet security. Strategies, steps, and procedures for conducting business securely on the Internet are discussed and reviewed. Very few organizations take the needed precautions to protect their Internet enterprise. Protection is not simply a firewall or technology; it is a strategy that encompasses risk, trust, business goals, security processes, and technology. The holistic approach offered in this book evaluates security needs in relation to business goals and the current attacks on the global Internet. The goal of The Internet Security Guidebook is to protect the business-computing environment by keeping our online enterprises functioning correctly and securely. Unlike other books available, this book contains a complete guide to Internet security that is accessible to both novices and computer professionals. The specific steps discussed and illustrated show the reader how to implement security from the individual process to the complete corporate enterprise. The reader will also learn about resources that can help such as the Computer Emergency Response Team (CERT), the Federal Bureau of Investigation (FBI), and even their own software vendors.

Juanita Ellis has been at the forefront in working with corporations in the areas of convergence, computer Security and e-business. Some of these companies include Sony, JCPenney, SWBell, Boeing, Xerox, Bell Atlantic, MCI, Citibank and Toyota. Currently, she works with companies in helping deploy voice and data networks, converged solutions, VPN security and call center applications. In addition, she was a technical manager at Lotus/IBM for the southern, mid-Atlantic, and eastern regions of the United States. As a technical manager, she was responsible for designing and architecting enterprise-wide applications that integrated with enterprise resource planning systems, Internet technologies, and relational and transaction-based systems. She is currently an independent consultant. Timothy Speed is an infrastructure and security architect for Lotus Professional Services (LPS), an IBM company. Tim has been involved in Internet and messaging security for the last 8 years. He has assisted with the Domino infrastructure at the Nagano Olympics and the Lotus Notes systems for the Sydney Olympics. Certifications include MCSE, VCA (VeriSign Certified Administrator), Lotus Domino CLP Principal Administrator, and Lotus Domino CLP Principal Developer. He and Juanita Ellis are the co-authors of books on Internet security and e-business.