Skip to Content
Computer Security Handbook, Fifth Edition
book

Computer Security Handbook, Fifth Edition

by SEYMOUR BOSWORTH, ERIC WHYNE, M.E. KABAY
February 2009
Intermediate to advanced
2048 pages
80h 12m
English
Wiley
Content preview from Computer Security Handbook, Fifth Edition

CHAPTER 45

EMPLOYMENT PRACTICES AND POLICIES

M. E. Kabay and Bridgitt Robertson

45.1 INTRODUCTION

45.2 HIRING

45.2.1 Checking Candidate's Background

45.2.2 Employment Agreements

45.3 MANAGEMENT

45.3.1 Identify Opportunities for Abuse

45.3.2 Access Is Neither a Privilege Nor a Right

45.3.3 The Indispensable Employee

45.3.4 Career Advancement

45.3.5 Vacation Time

45.3.6 Responding to Changes in Behavior

45.3.7 Separation of Duties

45.3.8 No Unauthorized Security Probes

45.4 TERMINATION OF EMPLOYMENT

45.4.1 Resignations

45.4.2 Firings

45.5 SUMMARY

45.6 FURTHER READING

45.7 NOTES

45.1 INTRODUCTION.

Crime is a human issue, not merely a technological one. True, technology can reduce the incidence of computer crimes, but the fundamental problem is that people can be tempted to take advantage of flaws in our information systems. The most spectacular biometric access control in the world will not stop someone from getting into the computer room if the janitor believes it is “just to pick up a listing.”

People are the key to effective information security, and disaffected employees and angry ex-employees are important threats according to many current studies. For example, the 2007 CSI Computer Crime and Security Survey, published by the Computer Security Institute, reported on responses from 494 participants in a wide range of industries, nonprofits and government agencies; the authors stated:

Insider abuse of network access or e-mail (such as trafficking in pornography or pirated software) ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services

QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Mark W.
Embedded Software Engineer

You might also like

Computer and Information Security Handbook, 3rd Edition

Computer and Information Security Handbook, 3rd Edition

John R. Vacca
Defensive Security Handbook, 2nd Edition

Defensive Security Handbook, 2nd Edition

Lee Brotherston, Amanda Berlin, William F. Reyor

Publisher Resources

ISBN: 9780471716525Purchase book