Computer Security: 20 Things Every Employee Should Know (2nd edition)

The Employee Handbook For Securing The Workplace

Using firewalls, intrusion detection, antivirus and ant-spam and other security hardware and software, companies can block or filter the vast majority of threats to network security. Unfortunately, the weakest link in network security is most often human and many companies struggle with how to educate employees in a subject they may not care about using terms they can understand. Rothke's book is informative and concise and can be leveraged as a security training tool.

About The Book

Computer Security: 20 Things Every Employee Should Know (2nd edition) is a short, pamphlet-style book. Weighing in at less than 50 pages- including a short glossary of security terms and a biography of Ben Rothke- the book is packed with information that companies wish their users knew about network security.

Here is a breakdown of the "20 Things" Rothke explains in this book:

• Beware of phishing and spyware
• Protect your identity
• Be responsible and be aware
• Choose your password wisely
• Practice safe access
• Protect your work outside the office
• Reduce e-mail risks
• Suspect e-mail hoaxes
• Work wisely with the Web
• Avoid Internet dangers
• Master instant messaging
• Use firewalls and patches
• Use PDAs safely
• Back up and secure data
• Manage data wisely
• Secure your workspace
• Beware of social engineers
• Use corporate resources only for work
• Call the experts when things go wrong

At only $7.95 per copy (or as little as $6.00 per copy when ordered in bulk), the book represents a tremendous value and may be a wise investment compared with other attemtps at corporate security awareness.

My Review

Network security is only as strong as its weakest link. Having top of the line firewalls, intrusion detection, antivirus and other security tools deployed will do little good if a user unwittingly gives his username and password to a malicious attacker. The sad fact is that the users, the employees who use the network, are the weak link in the security chain.

The other issue is that many employees don't truly care about company assets, or at least not enough to embark on a journey to learn about how to better secure them. But, most people have computers at home tha they use personally and have kids that use them. That means that they have a vested interest in learning computer and network security, even if it isn't because they want to safeguard the company network.

Rothke's book provides brief, but clear, explanations of 20 of the most important things that users should know in order to use their computer, e-mail, and the Internet without becoming a victim. Some of the information, such as Use Firewalls and Patches, is really outside the scope of what an employee should know. But, they can apply the information at home and it provides a better understanding of why they need those things at work as well.