Commonsense computer security : your practical guide to information protection

Information is a vital corporate resource but it can also be a liability. This book explains in practical, jargon-free terms how an organization can cost-effectively reduce the risk to information stored, processed and transmitted by their computer systems. Business managers and computer operators alike should find that every possible means of data is explored and can be readily applied and passed on to all staff. This new edition discusses the latest developments in the field and includes coverage of legislation and computer crime. The book addresses business issues as well as technical ones, discusses each specific risk and gives advice on protection policies.

• Part 1 The nature of the problem: the nature of computer security
• threats and vulnerabilities
• assessing the risks
• countering the dangers
• valuing data
• developing a computer security policy. Part 2 Responsibilities for computer security: computer versus security staff?
• allocation of computer security duties
• registration of computers. Part 3 The countermeasures: physical security
• document security
• personnel security
• hardware security
• software security and logical access control
• evaluation, certification and accreditation
• compromising emanations (TEMPEST)
• communications and network security
• business continuity planning and disaster recovery
• computer insurance
• security of personal computers
• computer viruses
• training and awareness. Part 4 Crime and legislation: computer crime
• computer security and the law.