AnyBook4Less.com
Developed by Fintix

Information Security Best Practices: 205 Basic Rules

Title: Information Security Best Practices: 205 Basic Rules
by George L. Stefanek
ISBN: 1-878707-96-5
Publisher: Butterworth-Heinemann
Pub. Date: 19 March, 2002
Format: Paperback
Volumes: 1
List Price(USD): $29.99

Average Customer Rating: 2.67 (3 reviews)

Customer Reviews

Rating: 2
Summary: too many mistakes/no best practices
Comment: This book had a lot of potential, but it has far too many mistakes.

It does not take into consideration corporate best practices.

There are better books out there, use them.

Rating: 5
Summary: Excellent Book
Comment: I thought this book was very easy to read and understand. I must commend the author for making technical material so easy to understand even for a novice like myself. Everything I wanted to know about information security was in this book. I highly recommend it.

Rating: 1
Summary: Too many mistakes and errors in this book
Comment: Security 101 dictates the importance of an effective set of information security policies and procedures. The granddaddy of such books is Information Security Policies Made Easy by Charles Cresson Wood that contains over 1000 well-written security policies.

The importance of best practices for information security is easily understood in the post-September 11 era, combined with the fact that more and more companies are connecting their corporate networks to untrusted public networks without the appropriate level of security and protection.

With such a need, Information Security Best Practices: 205 Basic Rules sounded like it could fill such a void. Unfortunately, the book suffers from a number of flaws. First, its organization is not logical. The book starts chapter 1 with the topic of e-mail spam, while a fundamental topic such as network architecture is not dealt with until chapter 5.

The book contains numerous errors. While some are small, many others were rather significant. Innocuously, the author called the ICSA the NCSA, even though its name was changed over 4 years ago. Incorrectly, the book states that an uninterruptible power supply (UPS) will eliminate power surges along power lines. A UPS will provide protection from power surges, but can't eliminate them. Finally, the book states as a best practice to use halon for fire control, yet halon production was banned under the Clean Air Act of 1994.

The author has significant Department of Defense experience, which explains why the book would suggest security controls such as C2 and TEMPEST shielding. First off, C2, from the Orange Book, has been retired and replaced by the Common Criteria. Secondly, TEMPEST shielding is far too expensive for most companies, combined with the fact that there are few individuals who are competent in TEMPEST technology in the private sector, since the specifics of TEMPEST are still classified.

Those looking for a good reference would be better served by reading Information Security Policies Made Easy or its less expensive cohort Writing Information Security Policies by Scott Barman (New Riders, 2001, ISBN: 157870264X).

Similar Books:

Title: Information Assurance
by Daniel Jennings, Joseph Boyce
ISBN: 0750673273
Publisher: Butterworth-Heinemann
Pub. Date: 15 June, 2002
List Price(USD): $44.99

Copyright © 2001-2021