Control and Security of E-Commerce. By Gordon Smith; published by John Wiley and Sons, 877/762-2974 (phone), www.wiley.com [2] (Web); 225 pages; $69 (at www.amazon.com [3]).
Checklists, though mundane, are a key component of many jobs. They help ensure that key issues aren't overlooked, and they serve as guideposts for anyone auditing the work. This book provides technology managers with a very good preparatory set of details and checklists for their e-commerce infrastructure. The book can also show a corporate auditor what to look for to ensure that appropriate controls are in place.
Throughout its 6 chapters and 225 pages, the book offers a detailed, progressive, and structured approach for performing such audits. The book addresses technology-related issues but doesn't require the auditor to be expert in them. Among topics discussed are physical security, authentication, and passwords; checklists ensure that these features are deployed or configured correctly.
For ensuring that file servers and other elements of the e-commerce infrastructure are protected, this book is an excellent choice.
Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), is a New York City-based senior security consultant with ThruPoint, Inc. He is a member of ASIS International.
Security Management is the award-winning publication of ASIS International, the preeminent international
organization for security professionals, with more than 35,000 members worldwide.
ASIS International, Inc. Worldwide Headquarters USA, 1625 Prince Street, Alexandria, Virginia 22314-2818
703-519-6200 | fax 703-519-6299 | www.asisonline.org
Copyright © 2008, Security Management
Powered by: Phase2 TechnologyLinks:
[1] http://www.securitymanagement.com/magazine/2004/07
[2] http://www.wiley.com/
[3] http://www.amazon.com/
Comments