La sécurité des accès mobiles : au-delà du BYOD
Title | La sécurité des accès mobiles : au-delà du BYOD PDF eBook |
Author | ASSING Dominique |
Publisher | Lavoisier |
Pages | 274 |
Release | 2012-09-18 |
Genre | |
ISBN | 2746289253 |
Au cours des dernières années, les équipements mobiles permettant de se connecter à distance au réseau d’entreprise (smartphones, ordinateurs ultraportables…) ont connu une croissance fulgurante. Les perspectives futures de développement et les nouvelles pratiques comme le BYOD (bring your own device) exposent plus que jamais le système d’information d’entreprise à des menaces d’origines diverses. La maîtrise de la sécurité des accès mobiles devient un enjeu stratégique pour l’entreprise. Cet ouvrage didactique présente un panorama des risques pesant sur les accès à distance. L’exemple concret d’un utilisateur lambda et des différentes attaques subies lors d’une « journée ordinaire » sensibilise le lecteur aux défenses standard et spécifiques qui existent pour le protéger. Le domaine de la sécurité n’étant pas uniquement lié aux seuls aspects techniques, le lien entre ces différentes recommandations et l’une des principales approches méthodologiques en la matière (ISO/IEC 27002) est également exposé.
Mobile Access Safety
Title | Mobile Access Safety PDF eBook |
Author | Dominique Assing |
Publisher | John Wiley & Sons |
Pages | 225 |
Release | 2013-02-05 |
Genre | Technology & Engineering |
ISBN | 1118577981 |
Over recent years, the amount of mobile equipment that needs to be connected to corporate networks remotely (smartphones, laptops, etc.) has increased rapidly. Innovative development perspectives and new tendencies such as BYOD (bring your own device) are exposing business information systems more than ever to various compromising threats. The safety control of remote access has become a strategic issue for all companies. This book reviews all the threats weighing on these remote access points, as well as the existing standards and specific countermeasures to protect companies, from both the technical and organizational points of view. It also reminds us that the organization of safety is a key element in the implementation of an efficient system of countermeasures as well. The authors also discuss the novelty of BYOD, its dangers and how to face them. Contents 1. An Ordinary Day in the Life of Mr. Rowley, or the Dangers of Virtualization and Mobility. 2.Threats and Attacks. 3. Technological Countermeasures. 4. Technological Countermeasures for Remote Access. 5. What Should Have Been Done to Make Sure Mr Rowley’s Day Really Was Ordinary. About the Authors Dominique Assing is a senior security consultant and a specialist in the management and security of information systems in the banking and stock markets sectors. As a security architect and risk manager, he has made information security his field of expertise. Stephane Calé is security manager (CISSP) for a major automobile manufacturer and has more than 15 years of experience of putting in place telecommunications and security infrastructures in an international context.
Protection des données sur Internet
Title | Protection des données sur Internet PDF eBook |
Author | LE GUYADER Patrick |
Publisher | Lavoisier |
Pages | 274 |
Release | 2013-01-01 |
Genre | Data protection |
ISBN | 2746295083 |
La cybercriminalité croissante atteste de la difficulté de trouver un juste équilibre entre la sécurité, la protection de la vie privée et la liberté de naviguer sur le web. Cet ouvrage expose les menaces de confidentialité qui pèsent sur les technologies fixes et mobiles, plus particulièrement au niveau de la protection des données personnelles, qu’elles soient fournies volontairement par l’utilisateur ou recueillies à son insu. Illustré d’exemples et de décisions jurisprudentielles, il décline également l'ensemble des législations nationales et internationales destinées à protéger l’internaute tout en assurant l’ordre public. Enfin, ce livre énonce les règles de bonne conduite et alerte le lecteur sur les pièges dont il peut faire l’objet sur Internet.
ON/OFF
Title | ON/OFF PDF eBook |
Author | Sarah Genner |
Publisher | vdf Hochschulverlag AG |
Pages | 231 |
Release | 2017-01-03 |
Genre | Computers |
ISBN | 3728137995 |
Are you constantly online? Or are you offline sometimes? Are you offline if you are not interacting with your connected devices? Or if no data about you is being collected? Do you check Instagram and Twitter during dinner? Do you turn off your smartphone at night? Do you check work emails on vacation? Do you feel you have to disconnect regularly – to relax, to concentrate, or to protect your privacy? Or do you feel more relaxed when constantly connected because your loved ones, a work emergency, or the news are always at your fingertips? Why are some people – even within networked societies – still completely offline given the tremendous opportunities of the Internet? And what does it even mean to be online or offline in the age of hyper-connectivity? In ON/OFF, Sarah Genner assesses the risks and rewards of the anytime-anywhere Internet, focusing on digital divides, social relationships, physical and mental health, and data privacy. She discusses implications for a variety of decision-makers in the world of work, in education, in families, and in politics. The author deconstructs the online/offline dichotomy and suggests the ON/OFF scale as a new theoretical framework for researchers and practitioners.
Guidelines on Firewalls and Firewall Policy
Title | Guidelines on Firewalls and Firewall Policy PDF eBook |
Author | Karen Scarfone |
Publisher | DIANE Publishing |
Pages | 50 |
Release | 2010-03 |
Genre | Computers |
ISBN | 1437926029 |
This updated report provides an overview of firewall technology, and helps organizations plan for and implement effective firewalls. It explains the technical features of firewalls, the types of firewalls that are available for implementation by organizations, and their security capabilities. Organizations are advised on the placement of firewalls within the network architecture, and on the selection, implementation, testing, and management of firewalls. Other issues covered in detail are the development of firewall policies, and recommendations on the types of network traffic that should be prohibited. The appendices contain helpful supporting material, including a glossary and lists of acronyms and abreviations; and listings of in-print and online resources. Illus.
The Cyber Risk Handbook
Title | The Cyber Risk Handbook PDF eBook |
Author | Domenic Antonucci |
Publisher | John Wiley & Sons |
Pages | 442 |
Release | 2017-05-01 |
Genre | Business & Economics |
ISBN | 1119308801 |
Actionable guidance and expert perspective for real-world cybersecurity The Cyber Risk Handbook is the practitioner's guide to implementing, measuring and improving the counter-cyber capabilities of the modern enterprise. The first resource of its kind, this book provides authoritative guidance for real-world situations, and cross-functional solutions for enterprise-wide improvement. Beginning with an overview of counter-cyber evolution, the discussion quickly turns practical with design and implementation guidance for the range of capabilities expected of a robust cyber risk management system that is integrated with the enterprise risk management (ERM) system. Expert contributors from around the globe weigh in on specialized topics with tools and techniques to help any type or size of organization create a robust system tailored to its needs. Chapter summaries of required capabilities are aggregated to provide a new cyber risk maturity model used to benchmark capabilities and to road-map gap-improvement. Cyber risk is a fast-growing enterprise risk, not just an IT risk. Yet seldom is guidance provided as to what this means. This book is the first to tackle in detail those enterprise-wide capabilities expected by Board, CEO and Internal Audit, of the diverse executive management functions that need to team up with the Information Security function in order to provide integrated solutions. Learn how cyber risk management can be integrated to better protect your enterprise Design and benchmark new and improved practical counter-cyber capabilities Examine planning and implementation approaches, models, methods, and more Adopt a new cyber risk maturity model tailored to your enterprise needs The need to manage cyber risk across the enterprise—inclusive of the IT operations—is a growing concern as massive data breaches make the news on an alarmingly frequent basis. With a cyber risk management system now a business-necessary requirement, practitioners need to assess the effectiveness of their current system, and measure its gap-improvement over time in response to a dynamic and fast-moving threat landscape. The Cyber Risk Handbook brings the world's best thinking to bear on aligning that system to the enterprise and vice-a-versa. Every functional head of any organization must have a copy at-hand to understand their role in achieving that alignment.
Privileged Attack Vectors
Title | Privileged Attack Vectors PDF eBook |
Author | Morey J. Haber |
Publisher | Apress |
Pages | 403 |
Release | 2020-06-13 |
Genre | Computers |
ISBN | 1484259149 |
See how privileges, insecure passwords, administrative rights, and remote access can be combined as an attack vector to breach any organization. Cyber attacks continue to increase in volume and sophistication. It is not a matter of if, but when, your organization will be breached. Threat actors target the path of least resistance: users and their privileges. In decades past, an entire enterprise might be sufficiently managed through just a handful of credentials. Today’s environmental complexity has seen an explosion of privileged credentials for many different account types such as domain and local administrators, operating systems (Windows, Unix, Linux, macOS, etc.), directory services, databases, applications, cloud instances, networking hardware, Internet of Things (IoT), social media, and so many more. When unmanaged, these privileged credentials pose a significant threat from external hackers and insider threats. We are experiencing an expanding universe of privileged accounts almost everywhere. There is no one solution or strategy to provide the protection you need against all vectors and stages of an attack. And while some new and innovative products will help protect against or detect against a privilege attack, they are not guaranteed to stop 100% of malicious activity. The volume and frequency of privilege-based attacks continues to increase and test the limits of existing security controls and solution implementations. Privileged Attack Vectors details the risks associated with poor privilege management, the techniques that threat actors leverage, and the defensive measures that organizations should adopt to protect against an incident, protect against lateral movement, and improve the ability to detect malicious activity due to the inappropriate usage of privileged credentials. This revised and expanded second edition covers new attack vectors, has updated definitions for privileged access management (PAM), new strategies for defense, tested empirical steps for a successful implementation, and includes new disciplines for least privilege endpoint management and privileged remote access. What You Will Learn Know how identities, accounts, credentials, passwords, and exploits can be leveraged to escalate privileges during an attack Implement defensive and monitoring strategies to mitigate privilege threats and risk Understand a 10-step universal privilege management implementation plan to guide you through a successful privilege access management journeyDevelop a comprehensive model for documenting risk, compliance, and reporting based on privilege session activity Who This Book Is For Security management professionals, new security professionals, and auditors looking to understand and solve privilege access management problems