Commercial, personal and sensitive information is very hard to keep secure, and technological solutions are not the only answer. In today’s technology-driven environment, there is an ever-increasing demand for information delivery on various devices in the office, at home and in public places. A compromise has to be struck between security of information and its availability. This book provides significant first steps along the path of dealing with information assurance in a realistic and comprehensive manner. The second edition has been expanded to include the security of cloud-based resources. The remainder of the contents have been reviewed and reordered to reflect the changes to the BCS Certification in Information Security Management Principles which the book supports."The security of personal information has never been of greater concern to the public. The BCS provides valuable leadership in this area and this is a timely contribution to a vital process" (Richard Thomas, Information Commissioner). (Review of previous edition)
The authors are at the forefront of information security and are instrumental in shaping policy and implementing best-practice. They have gained considerable experience across a wide range of public and private sector bodies including the Home Office, GCHQ, MoD, RAF, Royal Navy, British Airways, Marks & Spencer and O2.
'The security of personal information must keep pace with technology in order to provide a safe and secure environment. This 2nd edition provides a timely update to ensure that BCS remains as an important leader in the education of information security principles.'
David Smith, Deputy Commissioner and Director of Data Protection, Information Commissioner's Office
Information security principles
Information security framework
Procedural and people security controls
Technical security controls
Software development and life cycle
Physical and environmental security
Disaster recovery and business continuity management
Other technical aspects