Securing the vulnerable enterprise

Prashant Kale

Enterprise Security Robert C Newman Pearson Education, 2003 Pages 513

The spread of the Internet, coupled with the emergence of e-commerce and online B2B interaction between companies, has revolutionised the way organisations communicate and conduct business. But the diversity of technology and computing platforms and increased connectivity has resulted in increased threats to information security.

Nowadays, security assumes mission-critical status, since hackers all across the globe threaten to compromise corporate networks and gain access to valuable corporate information resources. The information could range from intellectual property, to sensitive employee information, and other classified information such as passwords, databases, customer records, product information, etc. While the threats are ever increasing, traditional methods of protection are fast becoming obsolete.

In Enterprise Security, Robert C Newman addresses these issues. Beginning with a historical perspective, the author sets the stage by presenting basic concepts in the field of enterprise security. The book is semi-technical in nature, and provides a broad working knowledge of all the major security issues affecting today’s enterprise computers and networks.

The book is designed for undergraduate students desirous of a technical career in information technology and telecom. But sales and marketing professionals in the industry too should find the book useful. The book is divided into two logical parts, covering basics and specific applications. In the first part, a general understanding of security and integrity issues of computer/networking systems in an enterprise environment is provided. In the latter part, the basic ideas are applied to specific areas of LAN, WAN and MAN system security. Since this book is primarily oriented towards students, there are plenty of exercises.

The scope of each chapter is clearly defined, and the objectives are satisfactorily met for most of the chapters. The content is open-ended, and one can use the book as a base from which to explore each topic further on the Web or elsewhere. At the end of each important chapter, one can find links to Internet resources—definitely a great help for students. I also found many of the exercises really challenging. As the author clearly states: "...Some of these exercises may qualify as semester projects, as some intense research is required to develop complete solutions." This is yet another plus point of the book.

One gap in the book is the absence of real-life case studies. Some interesting examples and caselets would really have converted the tone of this book dramatically from grim and academic to an exciting text/reference material.

As e-governance initiatives are gaining prominence and the IT-Enabled Services sector is booming in India, enterprise security is definitely an important topic. The student community will benefit a lot from Newman’s book, especially if the exercises are seriously attempted. Further, the book thrives on strikingly simple illustrative diagrams and carefully designed tables, providing a wealth of information. Overall, the book is nicely balanced between an explanation of the basic concepts of enterprise security and their application in practice.

Prashant Kale is a software engineer with Geometric Software Solutions