Surviving Security: How to Integrate People, Process, and Technology [Paperback]

Mandy Andress (Author), Amanda Andress (Author)

Book Description

Publication Date: July 10, 2001

One critical challenge network managers and administrators face is figuring out what combination of security options is right for their company. Surviving Security will explain how the various security "pieces" fit together while addressing the business concerns associated with each option.

Editorial Reviews

Review

Surviving Security is a crash course in all of the things that we should be doing in cyberspace that don't come naturally to most of us. It is a soup-to-nuts portrayal of how to do security right, from an experienced practitioner of digital security in real-world environments…Perhaps the best thing about this book, though, is that it's up-to-date. Mandy hasn't written just another cookbook recitation of the three R's of security, she has built a comprehensive structure on sound principles and extended it with her intimate knowledge of exciting new technology… I see few other titles on the shelves that can match this volume of experience and expertise in such a concise, lucidly written, and easy to read package.
Joel Scrambray, Co-author, Hacking Exposed from The Foreword --This text refers to the Hardcover edition.

From the Back Cover

Surviving Security addresses a breadth of security technologies and processes, including policy, encryption, physical security, and maintenance, while continually answering the following questions that are critical to network administrators and managers:

* Why is this technology/practice important to a security infrastructure?
* How does this fit into the larger security layer model?
* What different options-technology and vendor-are available for this area (vendor-specific reviews will be placed primarily on the companion web site) and what is the cost of implementing these options?

See all Editorial Reviews

Product Details

• Paperback: 525 pages
• Publisher: Sams; 1st edition (July 10, 2001)
• Language: English
• ISBN-10: 0672321297
• ISBN-13: 978-0672321290
• Product Dimensions: 9.1 x 7.3 x 1.4 inches
• Shipping Weight: 2 pounds
• Average Customer Review: 4.8 out of 5 stars  See all reviews (5 customer reviews)
• Amazon Best Sellers Rank: #3,257,216 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

11 of 11 people found the following review helpful:

5.0 out of 5 stars Security explained in a concise, easy-to-read fashion, July 18, 2001

By 

chicag097 (Chicago, IL USA) - See all my reviews

This review is from: Surviving Security: How to Integrate People, Process, and Technology (Paperback)

I am the network manager at a mid-size Chicago company and have been tasked with the job of developing a formal security infrastructure for our organization. I have read many of Mandy's InfoWorld articles and eagerly awaited the release of this book. Needless to say, I was not disappointed. Surviving Security is a great resource for understanding the components of a security infrastructure, how they fit together, and how to analyze and select the best approach for your environment. She covers all the basics (security policies, firewalls, IDS, remote access, OS hardening, network architecture, etc.)

In addition, there's a great chapter on authentication techniques. She also discusses the issues most people forget or do not really think about until it is too late: keeping up-to-date with patches, monitoring systems and logs, creating incident response teams, developing secure applications, etc. Most sections have "For More Information" boxes that give resources (books, websites, etc.) where you can go for more detailed information. I thought these were a great feature. She provides insightful information and commentary based on her experiences and then refers you to places where you can find more information. This book does not try to be all things for all people.

The companion website is a great way to keep the content up-to-date. As long as the author keeps the information and links current, this will be a good resource for security information. The product reviews give an independent, third-party opinion that is sometimes hard to find.

For those looking to develop a complete security infrastructure, this is the book to read. Surviving Security gives you an excellent "big picture" look at security that I have found lacking in other security books I have looked at.

10 of 10 people found the following review helpful:

5.0 out of 5 stars Mandatory Book For The Security Professional, November 21, 2001

By 

James W. S. Ludwig, CISSP (San Diego, Ca USA) - See all my reviews

This review is from: Surviving Security: How to Integrate People, Process, and Technology (Paperback)

I have been an information assurance professional for over 40-years. This is the only book that ties it all together and provides so many additonal bonuses that you cannot go wrong for the price.

What I found best about the book:
1. Great price for all the pertinent and up-to-date information, including references and URL's,
2. Complete, concise, focused; no wandering down memory lane,
3. A great study reference guide in preparation for the CISSP examination (I used it, I took the exam, I am now certified as an Information System Security Professional),
4. The book will be a solid reference for years to come,
5. The author knows her subject and presents it in such a logical manner that it is impossible not to grasp the concepts presented.
6. Can use the author's web site for this book so that you maintain your currency (who else offers this?),
7. If your on the security profession career path this book is mandatory, and
8. Where in the hell (heck) was this book 10-15 years ago.

8 of 9 people found the following review helpful:

4.0 out of 5 stars Great for someone needing thorough intro info sec, August 15, 2001

By 

Ben Rothke "Author of 'Computer Security: 20 ... (USA) - See all my reviews
(REAL NAME)   

This review is from: Surviving Security: How to Integrate People, Process, and Technology (Paperback)

Surviving Security is a really good book for someone needing a thorough introduction to information security.

The book covers all of the most important security technologies and processes. After completing the book, the reader will come out with a good understanding the components of an information systems security infrastructure.

All of the chapters contain loads of valuable information. Two extremely valuable sections are (Page 358) Sample Audit Checklist and (Page 399) Assessing Your Needs.

The Sample Audit Checklist contains over 30 pages of technology items that require security. Assessing Your Needs details all of the items required for an effective incident response team....

For those people needing an effective and easily readable reference about computer security, Surviving Security is an excellent resource.