Secure Internet Practices

Best Practices for Securing Systems in the Internet and e-Business Age

By Patrick McBride, Jody Patilla, Craig Robinson, Peter Thermos, Edward P. Moser

© 2001 – Auerbach Publications

232 pages | 63 B/W Illus.

Paperback: 9780849312397
pub: 2001-09-10

About the Book

Is your e-business secure? Have you done everything you can to protect your enterprise and your customers from the potential exploits of hackers, crackers, and other cyberspace menaces? As we expand the brave new world of e-commerce, we are confronted with a whole new set of security problems. Dealing with the risks of Internet applications and e-commerce requires new ways of thinking about security.

Secure Internet Practices: Best Practices for Securing Systems in the Internet and e-Business Age presents an overview of security programs, policies, goals, life cycle development issues, infrastructure, and architecture aimed at enabling you to effectively implement security at your organization. In addition to discussing general issues and solutions, the book provides concrete examples and templates for crafting or revamping your security program in the form of an Enterprise-Wide Security Program Model, and an Information Security Policy Framework.

Although rich in technical expertise, this is not strictly a handbook of Internet technologies, but a guide that is equally useful for developing policies, procedures, and standards. The book touches all the bases you need to build a secure enterprise. Drawing on the experience of the world-class METASeS consulting team in building and advising on security programs, Secure Internet Practices: Best Practices for Securing Systems in the Internet and e-Business Age shows you how to create a workable security program to protect your organization against Internet risk.

Table of Contents


Brief History of the Internet

Size and Growth of the Internet

Implications for Security

Business Uses of the Internet

Security in the Internet and E-Commerce Age

A Formula for Quantifying Risk



The Present Information Systems Environment

A Risk Construct

Information Risk Management

Enterprise-Wide Information Security Program Elements: Framework, Organization, Technology, and Process

Creating a Successful Security Program

Building the Security Program



The Impact of the Internet

Characteristics of Good Information Security Policy

METASeS Information Security Policy Framework

Policy Interpretation

Information Security Policy Life Cycle

Assessing Policy Needs

Developing Information Security Policy

Implementing and Deploying Policy

Maintaining Information Security Policy


Chapter Components

Information Security Goals

Web and e-Commerce Security Architecture

The Process of Formulating Architecture

Types of Architecture

System Development Life Cycle Methodology

Underlying Infrastructure Components


Appendix A: Sample Excerpt from an Information Security Program Gap Analysis

Appendix B: Excerpts from Technology Standards and Configuration Guides Publications

Appendix C: Resources for Information Security and Policy

Appendix D: Examples of Processes and Procedures

Appendix E: Trends in Security Spending



Subject Categories

BISAC Subject Codes/Headings:
COMPUTERS / Information Technology
COMPUTERS / Networking / General
COMPUTERS / Security / General