As we all know, computers are now an integral part of everyday operations. All organisations depend on them. A system failure can have a major impact on the organisation. Therefore, potential vulnerabilities in a computer system which could undermine operations must be eliminated, or if this is not possible, then they should at least be minimised. The International Handbook of Computer Security has been written to help management and information systems professionals protect their computers and systems from a wide variety of threats. Security concerns have increased over recent years, and the increased use of networked computers, including the Internet and intranets, has had a profound effect on computer security. The main advantage of remote access through networks, convenience, is in fact what makes the system more vulnerable. As the number of points from which a computer can be accessed increases, so does the threat of attack.
Computer security risks fall into many categories. Threats can come from computer criminals and “vandals”, or from disgruntled employees, who may intend to defraud, sabotage or “hack”. Another threat can come from computer users who are merely inexperienced or careless. Then there are environmental threats. Systems must be protected from disasters such as fire or flood. An effective security plan must take into account all of these threats, and more besides.
The major steps in managing computer security are discussed in this book. The resources that need to be protected are identified. Sometimes, organisations may think that their information will be useful to no one but themselves, and may ignore security precautions. This is a serious mistake to make. Hackers sometimes steal or destroy information simply because it is there. So all organisations need a comprehensive security plan for their systems, and this is where this publication aims to help.
The International Handbook of Computer Security aims to deal with all aspects of protecting systems. It is intended to provide practical and intensive guidance on a wide range of issues, emphasising practical rather than theoretical guidance. Topics covered include company security policy, physical security, data preservation and protection, hardware and software security, personnel management and security, network security, contingency planning and legal issues. Costs and benefits of various security safeguards are also discussed, including the costs to the organisation in terms of staff morale. Employees may resent the inconvenience that comes with additional security safeguards. The book aims to help you try to find the right balance.
Throughout the whole book, examples are provided to illustrate practical applications. FAQs are answered, too. Checklists, charts, graphs, diagrams, report forms, tables and illustrations are extensively used to enhance the handbook’s practical use. The techniques explained can be used as they are or modified to suit an organisation’s needs. There is an appendix covering security software and the book is complemented by a useful index of around 20 pages, each of two columns.
This is an essential read or purchase for any systems manager or technical support professional, no matter what size the organisation. I would also make sure it is on the shelves of my library. It is an ideal reference tool for students studying information and communications technology and is a handy little book for locating many of the terms associated with computer security.
