Posted: Thu, May 18, 2006
Computer Security - 20 Things Every Employee Should Know (2nd edition)
by Robert Earls
With the advent of high speed internet over the last few years, it's become more important than ever that PCs are secured against external, and internal, threats to the security of the PC and the data
held within. But a balance must be reached so that the PC is not so tightly secured that it makes an employee's job difficult. How much freedom you decide to give your employee is where you draw that
line. The more freedom you give your employee the more they will feel trusted, but the more risk you take with your security.
That's where this new book by Ben Rothke, published by McGraw-Hill, comes in. Designed to be given to each employee in an organisation, the book covers every element of security in small, easily digestible chapters, each made up of a typical office scenario with some security risks and a suggestion of solutions. Topics include:
- Phishing - An email that is apparently from a legitimate organisation, usually a financial company, asking you to verify your account by logging into a duplicate copy of that organisation's website. In cases like this, your password is subsequently used to access your real account details.
- Malware - Apparently benign software which performs other tasks on your computer without your knowledge, such as spreading viruses or reducing or disabling the security settings on the computer.
- Passwords - Choosing an easily guessable password is a very common mistake that employees make: using a child's name, a pet's name, "fred", or "password" when you should be using a mixture of random letters and numbers, or at the very least a mixture of words and numbers.
- PDAs / USB keys - The recent explosion in use of portable devices which can transfer sensitive data is dealt with. Encryption and password protection are advised.
Anti-virus, firewall and anti-spyware software are also discussed and advised, but I would imagine that the typical user of this book would have these installed by a systems administrator. However,
the importance of installing such software, and the subsequent updates, should not be underestimated, and a book like this would be incomplete without mentioning them.
To a certain extent, this book is aimed at people who are already aware of the problems and have encountered the jargon before, and in this way it succeeds in reminding people that they are in a
different environment at work, and therefore need to have a different level of security consciousness. It does this in a non-patronising and informative way.
However, if this book were given to a complete newcomer to PCs in the workplace, then I think they may struggle with it. Although there is a glossary of security terms at the back of the book, a
personal approach may be more useful.
This is a well-thought-out book which covers all of the important current security issues as well as some of the less obvious ones. At £5.00 it is well worth investing in a copy for current and new
employees.
"Computer Security - 20 Things Every Employee Should Know" (2nd edition) is written by Ben Rothke, CISSP, and published by McGraw-Hill. The book is available directly from the publishers at
www.mcgraw-hill.co.uk, and from other online booksellers including www.amazon.co.uk for £4.99.
About the Author
Robert Earls has worked for many years as a Technical Consultant in the IT industry. He now runs a successful online business, www.argentice.co.uk.