Title:
Safety Net: Protecting Your Business on the Internet
Review:
Safety Net outlines a number of potential threats to online businesses
such as fraud, sabotage, espionage, piracy or identity theft, and it
notes that all manner of organisations are candidates for intruders,
whether they be business enterprises, not-for-profit organizations or
government agencies.
One chapter is entitled "the insecure employee" and looks at how
the computer systems of enterprises are assaulted by insiders. Indeed,
it points out that in some cases employees can unwittingly access,
modify, and erase proprietary data or disclose sensitive information.
Safety Net recognises that security breaches are costly both in terms
of hard costs, such as monetary and productivity losses, and in
terms of public relations, where damage is expressed through customer
and reputation losses.
The threats can involve not just online financial fraud. Companies can
also experience theft of proprietary information and corporate
secrets. One section, for example, looks at intellectual property
security or digital rights management.
The whole purpose of the book is to make the reader aware of the
potential threats that exist. It aims to provide practical solutions
to counter those online security threats as it runs through
prevention, detection and recovery counter-measures. It lists a top
ten of common mistakes that organizations make, such as failing to
install updates or patches when security holes are found. This book
also deals with how to undertake security risk assessments for your
organisation and how to create an effective security policy.
Kathleen Sindell notes that companies can acquire a competitive
advantage by ensuring that each customer feels that his or her
consumer rights and privacy are protected online; and one of the
book's fourteen chapters is devoted to the topic of safeguarding your
customer's privacy.
Ms Sindell quotes surveys which show that the majority of businesses
have encountered computer breaches; many indeed experience a number of
such breaches. She devotes one chapter to the question of how to
handle public relations after a cyber attack, including preparing and
planning for crisis communication, inspiring confidence after an
attack, and the question of whether or not to report a cyber-crime.
The book is written in plain English, and remains technically accurate
without being full of jargon. It is 329 pages long, is clearly set out
and there are illustrations throughout such as flow charts or
matrices. There are also a number of checklists, for example for web
server security, and an 'after the hack attack' checklist. There is a
glossary, and also a 'resource center' which groups together a number
of web-based sources of information under themes such as encryption
information or intrusion detection.
Free Pint Reviewer:
Paul Pedley is Head of Research at the Economist Intelligence Unit. He
is the author of four books published through Aslib, and writes and
trains on legal issues relating to information matters and also on
searching the web. Paul is currently writing a book for Facet
Publishing - "Essential law for information professionals".