..."delivers practical security advice on a range of issues." -- Internet Works

* 78 per cent of large businesses suffered at least one malicious security breach in 2002
* Effective strategies for managing risks online and defense against the internet's "dark side"
* "Best practice" advice from leading advisers and case studies from successful firms

The second edition of this invaluable book highlights the key issues and identifies best practice in online risk management, taking the premise that information security is no longer an issue confined to the IT department but is critical to all operational functions: finance, HR, marketing, production etc. Nor are its solutions purely technical. With two thirds of security breaches said to be caused by human error, management controls and processes are equally important.

"The Secure Online Business Handbook" draws on the experience of leading firms and their advisers and uses up-to-date case studies to illustrate "best practice" in online risk management. New features include chapters on broadband and biometrics, and an in-depth look at online payments, including in particular the spate of attacks in 2003 using worms, viruses and phish.

Contributions from Nokia, Computacenter, British Standards Institute, the Fraud Advisory Panel, ClearCommerce, Netscreen, Globalsign, Macrovision, Websense, Easynet, the Central Sponsor for Information Assurance, Royal Bank of Scotland, Simmons & Simmons and KrollOntrack.

Contents include: Information at risk; Points of exposure; Software protection; Security policies; Organizational back-up; Contingency planning.

Published in association with the Institute of Directors.
Author(s): Chris Ollington
Edition: 2nd
Year: 2004
Language: English
Pages: 252
Contents
Foreword
1 Information at risk
1.1 The business case for IT security
1.2 Recent attack trends
1.3 Security: the threat from within
1.4 Cyberliabilities in the workplace
1.5 The marketing dimension
2 Points of exposure
2.1 Broadband
2.2 E-mail
2.3 Web security
2.4 Network vulnerabilities
2.5 Wireless applications
2.6 Protecting online privacy
2.7 Online payments: safeguarding against fraud
2.8 Online payments: key areas of exposure
2.9 Spyware in the workplace
3 Software protection
3.1 Intrusion detection
3.2 Firewalls
3.3 Viruses
3.4 Authentication and encryption
3.5 Digital signatures
3.6 Biometrics
3.7 Digital rights
3.8 License at will
4 Operational management
4.1 Developing a culture of security in the workplace
4.2 Security as standard
4.3 Countering cybercrime: risk management
4.4 Countering cybercrime
4.5 Centralized security
4.6 Electronic contracting
4.7 Information security training
4.8 Outsourced solutions
4.9 Securing the mobile
5 Contingency planning
5.1 Business continuity and crisis management
5.2 Dealing with the risks of peer-to-peer
5.3 Data recovery
5.4 Crisis or disaster management
Forensics