
ISO27001 in a Windows Environment
Brian Honan (Author)
IT Governance Publishing (Editor)
IT Governance Publishing
2nd Edition
Published on 20 April 2010
Book
Paperback/Softback
322 pages
978-1-84928-049-5 (ISBN)
Description
Implementing ISO27001 in a Windows(R) Environment, Second Edition
The best practice implementation handbook for a Microsoft(R) Windows(R) environment
Brian Honan
Organisations can minimise the risks to the vital information in their possession by putting in place an information security management system (ISMS). However, this can provide a significant implementation challenge for any organisation. A significant number of the controls to be applied will, of necessity, be technical and will relate to how IT hardware and software are set up and configured. Once an organisation decides to adopt ISO27001, it will be the job of the IT team to implement many of the associated controls. As a result, there is often a gulf in understanding as to what is required between the ISO27001 ISMS project manager and those responsible for implementing the technical controls. Implementing ISO27001 in a Windows(R) Environment, Second Edition, enables parties on both sides to bridge the gulf. It helps both IT managers and ISMS project managers to understand the requirements of ISO27001 and its step-by-step advice will make the road to ISO27001 implementation much easier.
Providing practical advice on how to configure and secure a Microsoft(R) environment using ISO27001 controls, the book shows IT managers how they can take advantage of the Microsoft(R) technologies at their disposal. Covering best practice implementation over a wide range of Windows(R) environments, this second edition is completely up to date for Windows(R) 7 and Server(R) 2008. The author, Brian Honan, is recognised as an industry expert on information security, in particular the ISO27001 information security standard. An independent consultant based in Dublin, Ireland, Brian provides consulting services to clients in various industry segments. He was a founding member of the Irish Corporate Windows NT(R) User Group and he also established Ireland's first ever Computer Security Incident Response Team. Make it easier to implement ISO27001 in a Windows(R) environment with this step-by-step guide!
More details
Edition
2nd New edition
Language
English
Place of publication
Ely
United Kingdom
Target group
Professional and scholarly
Edition type
New edition
Product notice
Paperback (trade)
Illustrations
1, black & white illustrations
Dimensions
Height: 216 mm
Width: 140 mm
Thickness: 17 mm
Weight
375 gr
ISBN-13
978-1-84928-049-5 (9781849280495)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Other editions
Additional editions

Brian Honan
ISO27001 in a Windows ® Environment
The best practice handbook for a Microsoft(R) Windows(R) environment
E-Book
04/2010
IT Governance Publishing
€60.99
Available for download
Previous edition
Brian Honan
Implementing ISO27001 in a Windows Environment
the Best Practice Implementation Handbook for a Microsoft Windows Environment
Book
02/2009
IT Governance Publishing
€69.54
Article exhausted; check for reprint
Persons
Brian Honan is recognised as an industry expert on information security, in particular the ISO27001 information security standard. An independent consultant based in Dublin, Ireland, Brian provides consulting services to clients in various industry segments. He was a founding member of the Irish Corporate Windows NT(R) User Group and he also established Ireland's first ever Computer Security Incident Response Team.
Content
Introduction
Chapter 1: Information and Information Security
  Information security concepts; Other information security concepts; The importance of information security
Chapter 2: Using an ISMS to Counter the Threats
  System security versus information security; The structure of an ISMS; Managing exceptions to the policy
Chapter 3: An Introduction to ISO27001
  The ISO27000 standards family; History of ISO27001; What is in the ISO27001 standard?; The plan, do, check and act cycle (PDCA); What are the benefits of ISO27001?
Chapter 4: Identify your Information Assets
  Define the scope of the ISMS; Identifying your information security assets
Chapter 5: Conducting a Risk Assessment
  What is risk?; Managing risks; The different types of risk analysis; Risk management tools
Chapter 6: An Overview of Microsoft Technologies
  Microsoft(R) Windows Server(R) 2008; Microsoft(R) Windows(R) 7; Microsoft(R) Forefront; Microsoft(R) Systems Center; Microsoft(R) Windows Server(R) Update Services; Microsoft(R) Baseline Security Analyzer; Microsoft Security Risk Management Guide; Microsoft(R) Threat Analysis and Modeling Enterprise Edition; Microsoft(R) CAT.NET; Microsoft(R) Source Code Analyzer for SQL Injection
Chapter 7: Implementing ISO27001 in a Microsoft environment
  Section 4 Information security management system; Section A.5 Security policy; Section A.6 Organisational security; Section A.7 Asset management; Section A.8 Human resource security; Section A.9 Physical and environmental security; Section A.10 Communications and operations management; Section A.11 Access control; Section A.12 Information systems acquisition development and maintenance; Section A.13 Information security incident management; Section A.14 Business continuity management; Section A.15 Compliance
Chapter 8: Securing the Windows(R) environment
  Windows Server(R) 2008 architecture; Domain user accounts naming standards
Chapter 9: Securing the Microsoft(R) Windows Server(R) platform
  Recommended settings
Chapter 10: Auditing and Monitoring
  Configuring auditing of file and resource access; Event log settings; Events to record
Chapter 11: Securing your Servers
  Protecting files and directories
Appendix 1: Overview of security settings for Windows Server(R) 2008 servers and domain controllers
  Service pack and hotfixes; Account and audit policies; Event log settings; Security settings; Service settings; User rights; Registry permissions; File and registry auditing
Appendix 2: Bibliography, Reference and Further Reading
  ISO27001 resources; Microsoft resources; Microsoft products; Other resources
ITG Resources