The NCSA Guide to PC & LAN Security
Stephen Cobb, CISSP
Chapter 14: Secure People
This chapter is about: Hacker, Ethics, and Other Human Factors
...the chapter focuses on the human aspects of computer security. These include not only that mysterious creature known as the hacker, but also such everyday phenomena as the disgruntled employee and the unsympathetic manager. We touch on the legal aspects of unauthorized computer use and talk about how to defend against what are called "social engineering" attacks. Defenses against hacking will be reviewed.For readers who find the technical side of computing to be baffling, frustrating, even intimidating, the news is not good: Humans are even more complex and difficult to understand than computers. Even if you are enjoy the challenge of interacting with other people, taking charge of the human side of the computer security problem is not a burden to be shouldered lightly. After all, humans create the need for security, and aside from the effects of rare and random acts of nature such as lightning, tornadoes or earthquakes, humans pose the biggest threat to security. This chapter does not attempt anything so grand as a unified theory of human behavior, it merely attempts to put in perspective the human issues surrounding the need to protect and preserve valuable data and functions entrusted to personal computers.
Check out the following Hotlinks:
- Privacy, Laws, & Ethics
- Organizations, resources, legislation, lawsuits, infowar, hacking and alternative views, campaigns, research.
The Story So Far
- No typos or errors reported so far.
- Links and supplemental info being prepared.
- Check back in 10 days for more links and info.
Table of Contents with Links to Chapters
- Chapter 1. Security Matters: Assessing the problems, threats, and issues
- Chapter 2. Security Solutions: Basic concepts and techniques
- Chapter 3. Security Planning: Risk analysis and security policy
- Chapter 4. Secure Hardware: Defending and insuring equipment
- Chapter 5. Secure Power: Spikes, Sparks, and Electrical Threats
- Chapter 6. Secure Sites: Defending sites and systems
- Chapter 7. Secure Access: Controls, passwords, and encryption
- Chapter 8. Secure Data: Backup, backup, backup
- Chapter 9. Secure Code: Defeating viruses, worms and other malicious code
- Chapter 10. Secure Software: Piracy, bugs, and other "soft" threats
- Chapter 11. Secure Networks I: Generic network defense
- Chapter 12. Secure Networks II: Protecting name brand networks
- Chapter 13. Secure Communications: WANs, remote access, and the Internet
- Chapter 14. Secure People: Hacking and ethical issues
- Chapter 15. Security in the Future: How to become and remain secure
- Appendix A: Threat List
- Appendix B: A Brief Guide to Batch Files
- Appendix C: Computer Security Policy
- Appendix D: Notes on EMR
- Appendix E: Export Restrictions on Encryption
- Appendix F: Further Resources
- Appendix G: Glossary
- Appendix H: How Public Key Encryption Works
- Appendix I: Introduction to LANs
- Appendix J: Securing Safe Software
- Appendix K: Appraising Microsoft AV