The Internet Security Guidebook: From Planning to Deployment / Edition 1 available in Paperback
- ISBN-10: 0122374711
- ISBN-13: 9780122374715
- Pub. Date: 01/22/2001
- Publisher: Elsevier Science
Product Details
| ISBN-13: | 9780122374715 |
|---|---|
| Publisher: | Elsevier Science |
| Publication date: | 01/22/2001 |
| Series: | The Korper and Ellis E-Commerce Books Series |
| Pages: | 320 |
| Product dimensions: | 7.38(w) x 9.25(h) x (d) |
About the Author
Currently, she works with companies in helping deploy voice and data networks, converged solutions, VPN security and call center applications. In addition, she was a technical manager at Lotus/IBM for the southern, mid-Atlantic, and eastern regions of the United States. As a technical manager, she was responsible for designing and architecting enterprise-wide applications that integrated with enterprise resource planning systems, Internet technologies, and relational and transaction-based systems. She is currently an independent consultant.
Timothy Speed is an infrastructure and security architect for Lotus Professional Services (LPS), an IBM company. Tim has been involved in Internet and messaging security for the last 8 years. He has assisted with the Domino infrastructure at the Nagano Olympics and the Lotus Notes systems for the Sydney Olympics. Certifications include MCSE, VCA (VeriSign Certified Administrator), Lotus Domino CLP Principal Administrator, and Lotus Domino CLP Principal Developer.
He and Juanita Ellis are the co-authors of books on Internet security and e-business.
Read an Excerpt
Chapter 1: Let's Do Business
An International Data Corporation (IDC) survey of 300 commercial U.S. companies with revenues over $100 million showed that information technology executives feel that although the Internet will fuel e-commerce growth, its increased use will endanger the internal security of their companies. Commented Chris Christiansen, program director with IDC's Internet Security service, "The increased use of the Internet is clearly seen as both heaven and hell: heaven because electronic commerce can boost revenues and lower costs, hell because it opens up networks and servers to external and, more significantly, internal attacks. IT executives are dealing with these challenges and opportunities by radically increasing spending on firewalls, encryption, antivirus, intrusion detection, single sign-on, public key infrastructure/certificate authority, and other security management software."
Of the information technology executives that IDC surveyed, 50 percent believe that the number of security incidents in their companies will grow by 20 percent every year. These information technology executives have confidence in their current security systems, however, and are even more optimistic about the abilities of future security technologies to protect their enterprises. The IDC breaks down the overall Internet security software market into several categories, including the following.
- Firewalls
- Encryption software
- Antiviral software
- Authorization, authentication, and administration software
Firewalls, used to govern access and in the enforcement of security restrictions, will experience the fastest growth. It is expected that global revenues in the firewall market will grow by 40 percent each year through 2002. By 2002, antiviral software will be the largest market with revenues close to $3 billion. Data gathered from the survey conducted by IDC shows the high costs enterprises face due to loss of productivity and downtime as a result of virus attacks. In a one-year period, the average site in the IDC survey suffered 81 virus infection incidents. Viruses affect 12.3 percent of all users, incurring over one hour of downtime while the problem is repaired. Administrators spend an average of 79 minutes eradicating each viral infection. This loss of productivity and downtime adds up to big bucks. Antiviral software has been found to be a very cost-effective weapon against viral attacks.
The information technology executives in the IDC survey reported that two main obstacles impede the development of Internet security: high costs and lack of integration. If these issues can be resolved, then great gains can be realized in the security technology market according to Christiansen.
1.1 Security Components
Internet security is not simply a set of tools, documents, or software. It is a holistic attitude to protecting your business, a state of mind. This is the security formula for an Internet business environment:
SE = (Pz + T) * C
SE (Secure Environment) = [Pz (Policy and Procedures) + T (Tools)] * C (Commitment).
Each item is very important: Policy and procedures drive the security of the environment; Tools help implement the security requirements; and Commitment is required to make it all work. As the formula shows, if an organization creates the best policy in the world and then buys the best tools available but has zero commitment, the business environment security will fail, guaranteed.
Commitment
Therefore, let's start with the most important factor: commitment. The organization needs to integrate security into every facet of the business. We call this the "top down and bottom up approach." First, you need management to drive the importance of security. Security starts at the top of the organization and moves down to the individual contributor. It is not just an added-on burden that must be reviewed annually as part of the budget process, but it is an integral part of every process and subsystem. Security is implemented from the bottom of the organization up to the CxOs (any chief officer of the organization: CEO, CIO, CFO). The biggest mistake an Internet-facing enterprise can make is considering Internet security an "evil necessity." Internet security should be looked at as a competitive asset. How your business functions says a lot about the quality of your company, including its security. It is important that your customers feel comfortable and secure doing business on your site. Corporations demonstrate their commitment to security by the amount of dollars they spend. The survey conducted by IDC found that the worldwide Internet security software market grew from $1.2 billion in 1996 sales to an estimated $3.1 billion in 1998. This figure had increased to over $4 billion in 1999, and it is forecast to grow to $7.4 billion by 2002.
In February 2000, following the DDoS attacks on several Internet sites, ICSA.net announced the formation of the Alliance for Internet Security. Established in 1989 as an independent corporation to promote the improvement and deployment of security technology, ICSA.net is the security industry's unifying source for vital standards and information. Through publication of its monthly Information Security magazine, which reaches thousands of industry professionals, ICSA.net is the worldwide leader in security assurance services for Internet-connected companies.
With the formation of the Alliance for Internet Security, ICSA.net released guidelines to assist companies in identifying and solving potential security problems.
The Alliance for Internet Security included as its founding members Cable One, Cable & Wireless, Digex (a Web and application hosting provider), Global Center, Global Crossing, GTE Internetworking, Level 3 Communications, Road Runner, and Sprint.
The chair of the Alliance, Peter Tippett, stated, "The members of the Alliance are coming forward to be part of the solution and demonstrate their commitment to do the right thing on behalf of all of the Internet. DDoS attacks are a "public health" problem...