Product Description
Securing enterprise data and applications has become the critical issue for business decision-makers, especially in an age of impending cyberterrorism. But until now, most guides to information security have been highly technical -- written for programmers and network administrators, not business executives. The Essential Guide to Information Security fills the gap, providing a non-technical, up-to-the-minute briefing on both the "people" and technology issues associated with information security. Proctor and Byrnes begin by introducing the fundamentals of security, briefing decision-makers on the key threats they face, and presenting the basics of an effective security policy. They review each tool and approach available to protect data and applications, including mechanisms for identification, authentication, and access control; firewalls; vulnerability scanners and virus detectors; and intrusion detection systems. The book includes detailed explanations of virtual private networks, Public Key Infrastructure, SSL for e-commerce, single sign-on systems that integrate diverse computing platforms, and security options for wireless communications. The authors offer up-to-the-minute guidance on third-party security products and services, including risk assessment, architectural support, and managed security offerings. The book includes a complete step-by-step guide to establishing an effective security program; and concludes with a look at the legal issues and liabilities associated with Web and e-commerce security.
From the Back Cover
Securing your key digital and information assets in an age of insecurity.
Securing enterprise data, applications, and intellectual property has become THE critical issue for business decision-makers in this era of hackers and potential cyberterrorism. But until now, most books on information security have been written for programmers and networking professionals, not business people. The Secured Enterprise: Protecting Your Information Assets fills the gap, delivering a non-technical, business-focused briefing on every key aspect of information security: from people to process to technology.
- A guide to today's security threats—including cyberterrorism
- How to establish effective, realistic security policies
- The tools for defending your information assets
- Effective mechanisms for identification, authentication, and access control
- What firewalls can—and cannot—do
- Vulnerability scanners, virus detectors, and intrusion detection systems
- Virtual private networks: leveraging the cost savings without exposing your data to risk
- Securing B2B and B2C e-commerce
- How to evaluate third-party security products and services
- New security options for wireless applications
Security has gotten more complex with time, and it has become more difficult to distill it. After reading this book you will understand security better and be more prepared to apply it in your enterprise.
—Jeff Moss,
Founder, DEF CON
President, Black Hat, Inc.