Practical Data Security

The power and speed of modern IT environments is such that wiping out, disclosing or corrupting an organization's records, whether deliberately or by accident, could be efficiently and silently accomplished in a very short time. Despite being aware of this issue, most organizations do not have a policy on risk and do not undertake risk analysis and management. The chapters in this book were originally papers presented at a seminar organized by UNICOM, and addresses the key points in data security. Issues covered include understanding what can go wrong and what to do about it, learning to cut through the confusing terminology, understanding the value of a risk policy and how to implement one; understanding the relevant costs and benefits of a variety of measures such as risk analysis, awareness of programs, cryptography and access control procedures. The law itself now addresses data security directly through the recent Data Protection and Computer Misuse acts. It is important to understand their implications in order to become a beneficiary rather than a victim of this legislation.
This text is suitable for information-intensive organizations, IT specialists, data security managers, security consultants, insurance specialists, computer auditors and data processing managers.