The recent evolution of Information and Communication Technologies (ICTs) and the substantial innovation in the sector have resulted in a significant increase in productivity as well as the emergence of a wealth of new goods and services. As the power, capacity, and cost of microelectronics continue to improve, providing a 30% gain, approximately, in productivity and power per unit of cost each year, we have all been beneficiaries of these trends. Today we live in a digital world, where information processing is inexpensive and telecommunications costs are decreasing. It is an increasingly interconnected world.
The wealth of new technical possibilities gives rise not only to new products and more efficient and effective ways of doing things, but also to the possibility of misuse of the technology. Like other technologies, ICTs are essentially neutral, and can be used in ways that most of us would consider beneficial, as well as in ways that are harmful. The work of ICTs is done at microsecond speed, carrying information invisible to the naked eye, under the control of software developed by people, so harmful intentions in this environment are often carried out rapidly and invisibly, and are difficult, if not impossible, to trace.
The problems associated with securing information systems, the processes that depend on them, and the information that is transmitted and stored in electronic form, are not new. Major commercial systems implemented on computers have been in existence for about 50 years. The commercial banking system has been executing electronic funds transfers for about the same amount of time. In these commercial systems, there are strong incentives for criminals to attempt to compromise both solitary computers and computer networks for personal gain. In reaction to the rise in opportunities for criminal activity, significant research and development initiatives have been launched to produce stronger security measures for both information processing and communications.
In the last 50 years, much has changed. The personal computer revolution which started in the mid-1970s has put computers of remarkable size and power into the hands of hundreds of millions of people at the present time. In addition, the Internet and other forms of personal networking have enabled computer-to-computer communications among many of those people. Twenty-five years ago computing and communications were generally handled by a small group of relative experts; today hundreds of millions of people use computers for every imaginable information processing task. They are tied together by a powerful communications network, the Internet, that allows expanded interpersonal communication via e-mail and instant messaging. The Internet also provides easy and relatively inexpensive access to a rich and growing body of digital content. Yet with these rapid technology advances, trouble spots have emerged as well. The average networked computer user of the 1970s was a professional computer specialist; today the average user is fairly ignorant, or at least is unconcerned with the technical details involved with the operations of the computer and its network. As a result, these casual users may fail to put proper security software packages and procedures in place, so that weak links in the network may be exploited by hackers or computer criminals, regardless of the respective geographical locations of the user, the exploiter, and the system being exploited.
If you use computers at home or at work, you have a certain level of responsibility for them and this publication will help you understand the procedural and technical details of managing either a single computer or a networked group of computers. Security is everyone’s business, whether you are a casual user, a technician, a system administrator, a network administrator, or a manager with responsibility for systems or networks. Understanding what the central security issues are, taking prudent actions to protect your systems, and putting a set of effective security policies in place are critical steps you must take to ensure that your machines and information will be secure from unauthorized access and that you will be able to exchange that information securely with others on the network.

Information Technology Security Handbook, Preface