Organizations with computer networks, Web sites, and employees carrying laptops and Blackberries face an array of security challenges. Among other things, they need to keep unauthorized people out of the network, thwart Web site hackers, and keep data safe from prying eyes or criminal hands. This book provides a high-level overview of these challenges and more. But it is not for the hard-core IT security engineer who works full time on networks.
Instead, it is aimed at the nontechnical executive with responsibility for ensuring that information and assets stay safe and private. Written by a practicing information security officer, Philip Alexander, the book contains the latest information and arms readers with the knowledge they need to make better business decisions. Information Security: A Manager’s Guide to Thwarting Data Thieves and Hackers covers the following technical issues in a nontechnical manner: -The concept of “defense in depth” -Network design -Business-continuity planning -Authentication and authorization -Providing security for your mobile work force -Hackers and the challenges they can present -Viruses, Trojans, and worms But it doesn’t stop there. The book goes beyond the technical and covers highly important topics related to data security like outsourcing, contractual considerations with vendors, data privacy laws, and hiring practices. In short, Alexander gives the reader a 360-degree look at data security: What to be worried about; what to look for; the tradeoffs among cost, efficiency, and speed; what different technologies can and can’t do; and how to make sure technical professionals are keeping their eyes on the right ball. Best of all, it conveys information in an understandable way, meaning managers won’t need to rely solely on the IT people in their own company–who may speak an entirely different language and have entirely different concerns. Hackers and data thieves are getting smarter and bolder every day. Information Security is your first line of defense.