Control and Security of E-Commerce

By Ben Rothke, CISSP

Control and Security of E-Commerce. By Gordon Smith; published by John Wiley and Sons, 877/762-2974 (phone), (Web); 225 pages; $69 (at

Checklists, though mundane, are a key component of many jobs. They help ensure that key issues aren't overlooked, and they serve as guideposts for anyone auditing the work. This book provides technology managers with a very good preparatory set of details and checklists for their e-commerce infrastructure. The book can also show a corporate auditor what to look for to ensure that appropriate controls are in place.

Throughout its 6 chapters and 225 pages, the book offers a detailed, progressive, and structured approach for performing such audits. The book addresses technology-related issues but doesn't require the auditor to be expert in them. Among topics discussed are physical security, authentication, and passwords; checklists ensure that these features are deployed or configured correctly.

For ensuring that file servers and other elements of the e-commerce infrastructure are protected, this book is an excellent choice.

Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), is a New York City-based senior security consultant with ThruPoint, Inc. He is a member of ASIS International.


