Enterprise-Grade IT Security for Small and Medium Businesses: Building Security Systems, in Plain English
- Length: 165 pages
- Edition: 1
- Language: English
- Publisher: Apress
- Publication Date: 2022-10-01
- ISBN-10: 1484286278
- ISBN-13: 9781484286272
- Sales Rank: #907023 (See Top 100 Books)
Understand the IT security features that are needed to secure the IT infrastructure of a small to medium-size business. This book will give IT managers and executives a solid understanding of the different technology solutions that their business relies upon–or should be employing–in order to make reasoned decisions regarding the implementation of those features. Coverage includes multi-factor authentication, firewalls, zero-trust environments, network segmentation, remote access solutions, and the people aspects of security that are often overlooked and represent an organization’s biggest vulnerability.
Chapters on the various technologies such as multi-factor authentication and zero-trust environments explain in plain English the values and benefits that each technology provides. Clear technical explanations are accompanied by business case explanations that explain the “why” of each technology and when each technology should be implemented. You will come away equipped to have business-driven discussions with your IT staff that allow for a productive balancing of the need for security with the need to do business and drive profits.
You Will Learn
- The importance of multi-factor authentication
- The limits of what multi-factor authentication can protect
- How firewalls are used to protect your company from attackers
- What zero-trust environments are and what they mean
- Whether zero-trust networks are what is needed to secure your own environment
- The security benefits from implementing a network segmentation policy
- The best ways to access files and resources from remote locations outside the office
Who This Book Is For
Managers and executives at small to medium-size businesses who want to understand the core aspects of IT security on which their business relies, business leaders who want to be able to follow along with and engage in discussions with IT professionals about security features, and leaders who are tasked with making decisions on which IT security features to implement
1 Contents About the Author About the Technical Reviewer Introduction 978-1-4842-8628-9.webp 978-1-4842-8628-9_1 Chapter 1: Why IT Security Matters Why We Need IT Security Types of Attacks on Companies SQL Injection Credential Hijacking Internal Attacks IT Security Is Expensive: Is It Worth the Cost? Defense in Depth Specific Security Compliance Standards FedRamp SOC SOC 1 SOC 2 SOC 3 ISO/IEC 27001 Microsoft Operational Security Assurance Practices NIST STIG PCI DSS 978-1-4842-8628-9_2 Chapter 2: Network Design What Is a Ringed Network? Management of Inner Networks Separating Customer-Facing Services from Internal Services Isolation of Workloads Separation of Duties 978-1-4842-8628-9_3 Chapter 3: Firewalls What Do Firewalls Do? SNAT DNAT Does My Company Need a Firewall? The Office The Colocation Facility Firewalls and the Cloud Microsoft Azure Amazon Web Services (AWS) Google Cloud Platform (GCP) Non-Major Cloud Providers Access to the Internet Firewalls Aren’t Just for the Cloud Use a Firewall 978-1-4842-8628-9_4 Chapter 4: Distributed Denial of Service What Is a Denial-of-Service Attack? What Is a Distributed Denial of Service Attack? Why Are Distributed Denial of Service Attacks Done? Distributed Denial of Service Attacks as a Service What Do Distributed Denial of Service Appliance Services Do? Microsoft Azure Amazon AWS Google GCP What Are the Differences Between Firewalls and Distributed Denial of Service Appliances? Firewalls and Distributed Denial of Service Applications in the Cloud Do I Need a Distributed Denial of Service Appliance? 978-1-4842-8628-9_5 Chapter 5: Remote Connectivity Virtual Private Network Person-to-Site Virtual Private Network Site-to-Site Virtual Private Network Third-Party Desktop Sharing Services Azure Virtual Desktop 978-1-4842-8628-9_6 Chapter 6: Computer Operating System Security Security Updates *nix Security Windows Security Apple Security Is Windows or Linux Better? Minimizing the Attack Surface Data Encryption 978-1-4842-8628-9_7 Chapter 7: Multi-Factor Authentication Don’t Build Your Own Multi-Factor Authentication System When Should MFA Be Used? Text Messages versus Multi-Factor Authentication Applications Bypassing Multi-Factor Authentication Brute Forcing Past Multi-Factor Authentication Giving the Help Desk Person Who Calls a Multi-Factor Authentication Code Protecting Multi-Factor Authentication Requiring the Use of Company Devices Choose Platforms Carefully 978-1-4842-8628-9_8 Chapter 8: Zero-Trust Environments What Can Be Secured Using a Zero-Trust Environment? Just In Time Access Conditional Access Policy Conditions User’s Risk Profile Current Sign-in Risk Device Operating System Locations Application Login Method Device Metadata Access Controls Policy Status 978-1-4842-8628-9_9 Chapter 9: The Weakest Security Link—People Why Workers Are the Weakest Link USB Email Personalized Attacks Cell Phone Cameras Text Messages Administrative Rights on Computers Why Workers Need Regular Security Training Risks of Not Doing Regular Training Least Privilege Protecting Secrets 978-1-4842-8628-9_10 Chapter 10: Employee Training Passwords Phishing Banking Information Personal Information Login Details Spear Phishing Cat Phishing Fake Links Fake Receipts Inbound Email Security 978-1-4842-8628-9_11 Index
Donate to keep this site alive
How to download source code?
1. Go to: https://github.com/Apress
2. In the Find a repository… box, search the book title: Enterprise-Grade IT Security for Small and Medium Businesses: Building Security Systems, in Plain English
, sometime you may not get the results, please search the main title.
3. Click the book title in the search results.
3. Click Code to download.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.