PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES!

Legal Issues in Information Security addresses the area where law and information security concerns intersect. Information systems security and legal compliance are now required to protect critical governmental and corporate infrastructure, intellectual property created by individuals and organizations alike, and information that individuals believe should be protected from unreasonable intrusion. Organizations must build numerous information security and privacy responses into their daily operations to protect the business itself, fully meet legal requirements, and to meet the expectations of employees and customers. Part 1 of this book discusses fundamental security and privacy concepts. Part 2 examines recent US laws that address information security and privacy. And Part 3 considers security and privacy for organizations.

Bulletproof your organization against data breach, identity theft, and corporate espionage In this updated and revised edition of Privacy Means Profit, John Sileo demonstrates how to keep data theft from destroying your bottom line, both personally and professionally. In addition to sharing his gripping tale of losing $300,000 and his business to data breach, John writes about the risks posed by social media, travel theft, workplace identity theft, and how to keep it from happening to you and your business. By interlacing his personal experience with cutting-edge research and unforgettable stories, John not only inspires change inside of your organization, but outlines a simple framework with which to build a Culture of Privacy. This book is a must-read for any individual with a Social Security Number and any business leader who doesn't want the negative publicity, customer flight, legal battles and stock depreciation resulting from data breach. Protect your net worth and bottom line using the 7 Mindsets of a Spy Accumulate Layers of Privacy Eliminate the Source Destroy Data Risk Lock Your Assets Evaluate the Offer Interrogate the Enemy Monitor the Signs In this revised edition, John includes an 8th Mindset, Adaptation, which serves as an additional bridge between personal protection and bulletproofing your organization. Privacy Means Profit offers a one-stop guide to protecting what's most important and most at risk-your essential business and personal data.

Detailing best practices and trade secrets for private sector security investigations, Private Security and the Investigative Process, Third Edition provides complete coverage of the investigative process. Fully updated, this edition covers emerging technology, revised legal and practical considerations for conducting interviews, and new information on case evaluation. Written by a recognized expert in security, criminal justice, ethics, and the law-with over three decades of experience-the updated edition of this popular text covers concepts and techniques that can be applied to a variety of investigations including fraud, insurance, private, and criminal. It details the collection and preservation of evidence, the handling of witnesses, surveillance techniques, background investigations, and report writing. This new edition includes: More than 80 new or updated forms, checklists, charts, and illustrations Updated proprietary information from Pinkerton, Wackenhut, and other leading security companies Increased emphasis on software and technological support products A closer examination of periodical literature and government publications Authoritative, yet accessible, this book is an important reference for private investigators and security professionals. Complete with numerous forms, checklists, and web exercises, it provides the tools and understanding required to conduct investigations that are professional, ethical, and effective.

Data leaks expose your customers to identity theft and your business to security risks. But how do you set up a data loss prevention plan? Start with Data Leaks For Dummies! Now more than ever, it’s critical to keep your company data locked up tighter than Fort Knox. Data Leaks For Dummies has the scoop on what’s at risk, how leaks happen, how to keep your data safe without being inflexible, and even what to do if the worst happens. It shows you how to: Identify risk by learning to see your data the way a criminal would Recognize how innocent mistakes, common carelessness, and malicious insiders also pose a threat Learn how to defend against phishing, e-mail threats, and wireless security breaches Be alert for social engineering attacks, suspicious contract workers, dumpster divers, and plain old eavesdroppers Plan for safe disposal of old hardware, use caution with SMS and e-mail archives, and be aware of how Webcasts and conference calls can be invaded Discover how crooks steal data in public places such as Internet cafes Develop a recovery plan, build a team, and even manage press coverage should data loss occur You’ll learn why free data storage devices could cost you a lot, how to protect mobile devices, why data corruption might be even worse than data loss, and how you can help software developers build safer applications. Data Leaks For Dummies will help you protect your customers, the reputation of your business, and your bottom line.

What Does Google Know about You? And Who Are They Telling? When you use Google’s “free” services, you pay, big time–with personal information about yourself. Google is making a fortune on what it knows about you…and you may be shocked by just how much Google does know. Googling Security is the first book to reveal how Google’s vast information stockpiles could be used against you or your business–and what you can do to protect yourself. Unlike other books on Google hacking, this book covers information you disclose when using all of Google’s top applications, not just what savvy users can retrieve via Google’s search results. West Point computer science professor Greg Conti reveals the privacy implications of Gmail, Google Maps, Google Talk, Google Groups, Google Alerts, Google’s new mobile applications, and more. Drawing on his own advanced security research, Conti shows how Google’s databases can be used by others with bad intent, even if Google succeeds in its pledge of “don’t be evil.” Uncover the trail of informational “bread crumbs” you leave when you use Google search How Gmail could be used to track your personal network of friends, family, and acquaintances How Google’s map and location tools could disclose the locations of your home, employer, family and friends, travel plans, and intentions How the information stockpiles of Google and other online companies may be spilled, lost, taken, shared, or subpoenaed and later used for identity theft or even blackmail How the Google AdSense and DoubleClick advertising services could track you around the Web How to systematically reduce the personal information you expose or give away This book is a wake-up call and a “how-to” self-defense manual: an indispensable resource for everyone, from private citizens to security professionals, who relies on Google. Preface xiii Acknowledgments xix About the Author xxi Chapter 1: Googling 1 Chapter 2: Information Flows and Leakage 31 Chapter 3: Footprints, Fingerprints, and Connections 59 Chapter 4: Search 97 Chapter 5: Communications 139 Chapter 6: Mapping, Directions, and Imagery 177 Chapter 7: Advertising and Embedded Content 205 Chapter 8: Googlebot 239 Chapter 9: Countermeasures 259 Chapter 10: Conclusions and a Look to the Future 299 Index 317

Praise for The Truth About Identity Theft “This book will open your eyes, scare you smart, and make you think twice. Identity theft can happen to you and this book is a must read. Jim Stickley tells you why and how you need to protect yourself.” Matt Lauer, Anchor, TODAY Show "Nowadays, identity theft is an all-too-common occurrence that puts more than just your finances in jeopardy. Fortunately, Jim Stickley's easy-to-understand advice can teach you how to spot and stay ahead of security threats. In short, this book is a must read." Wes Millar, Senior Vice President of CUNA Strategic Services "In an age when identity theft will affect everyone sooner or later, this book is simply a must-read. Jim Stickley teaches you to spot the danger signs and offers smart solutions for everything from banking security and online shopping scams to medical identity theft. Whether it's you, your parents', or your kids' identities, everyone has something to protect. This book tells you what you need to know." Jim Bell, Executive Producer, TODAY Show "Jim Stickley shares his amazing experiences as a professional hacker in the most entertaining manner. He’s a great storyteller and captures your attention with his experiences, which will make you want to upscale your efforts protect your firm’s data and your own ID. Jim’s stories are fascinating. Most of us can’t imagine how simple it is for him to succeed as a conman in situations we think are safe. The trade secrets of hackers he shares with us are mind boggling! You won’t let your guard down after learning what Jim has actually done to get companies and individuals' private information. He’s the updated version of 'To Catch a Thief'[el]but he’s a good guy!" Nancy E. Sheppard, President & CEO of Western Independent Bankers (A Trade Association of 350 Banks) "If you’re not worried about identity theft, you should be[el]and Stickley tells you exactly why. His engaging writing style, coupled with real-life stories about identity theft and concrete actions to help you prevent identity theft are exactly what’s needed to make people take notice of this growing crime. I’ll recommend this book again and again!" Jerri L. Ledford, About.com Guide to Identity Theft Everything you must know to protect yourself and your business from identity thieves! • The truth about real-world identity theft attacks • The truth about how easy it is for thieves to make off with your identity • The truth about stopping identity thieves in their tracks Jim Stickley has stolen credit cards, hacked Social Security numbers, robbed banks, and created fake ATMs. He has broken into armed government facilities and has stolen from teenagers. He is an identity thief, but he is no criminal. Fortunately for all victims involved, Jim was hired to perform these attacks by corporations testing their security, news agencies investigating security concerns, and other media outlets interested in knowing just how easy it is to commit identity theft. His job is to find security flaws before the real criminals find them. This book has been designed to give you the insight that most people only experience after becoming victims of identity theft. Each Truth walks you through a different type of attack, explaining the complete process in a very simple and straight-forward way. Like a magician actually revealing what happens behind the curtain, Jim takes you through the attacks to reveal how people at home, work, and on the road become victims. Prepare yourself. What you read here might be disturbing, but you will never be truly safe from identity thieves until you learn to think like one.

“If you want to understand the future before it happens, you’ll love this book. If you want to change the future before it happens to you, this book is required reading.” – Reed Hundt, former Chairman of the Federal Communications Commission “There is no simpler or clearer statement of the radical change that digital technologies will bring, nor any book that better prepares one for thinking about the next steps.” – Lawrence Lessig, Stanford Law School and Author of Code and Other Laws of Cyberspace “ Blown to Bits will blow you away. In highly accessible and always fun prose, it explores all the nooks and crannies of the digital universe, exploring not only how this exploding space works but also what it means.” – Debora Spar, President of Barnard College, Author of Ruling the Waves and The Baby Business “This is a wonderful book–probably the best since Hal Varian and Carl Schultz wrote Digital Rules. The authors are engineers, not economists. The result is a long, friendly talk with the genie, out of the lamp, and willing to help you avoid making the traditional mistake with that all-important third wish.” – David Warsh, Author of Knowledge and the Wealth of Nations “ Blown to Bits is one of the clearest expositions I’ve seen of the social and political issues arising from the Internet. Its remarkably clear explanations of how the Net actually works lets the hot air out of some seemingly endless debates. You’ve made explaining this stuff look easy. Congratulations!” – David Weinberger, Coauthor of The Cluetrain Manifesto and Author of Everything Is Miscellaneous: The Power of the New Digital Disorder. “ Blown to Bits is a timely, important, and very readable take on how information is produced and consumed today, and more important, on the approaching sea change in the way that we as a society deal with the consequences.” – Craig Silverstein, Director of Technology, Google, Inc. “This book gives an overview of the kinds of issues confronting society as we become increasingly dependent on the Internet and the World Wide Web. Every informed citizen should read this book and then form their own opinion on these and related issues. And after reading this book you will rethink how (and even whether) you use the Web to form your opinions…” – James S. Miller, Senior Director for Technology Policy and Strategy, Microsoft Corporation “Most writing about the digital world comes from techies writing about technical matter for other techies or from pundits whose turn of phrase greatly exceeds their technical knowledge. In Blown to Bits, experts in computer science address authoritatively the practical issues in which we all have keen interest.” – Howard Gardner, Hobbs Professor of Cognition and Education, Harvard Graduate School of Education, Author of Multiple Intelligences and Changing Minds “Regardless of your experience with computers, Blown to Bits provides a uniquely entertaining and informative perspective from the computing industry’s greatest minds. A fascinating, insightful and entertaining book that helps you understand computers and their impact on the world in a whole new way. This is a rare book that explains the impact of the digital explosion in a way that everyone can understand and, at the same time, challenges experts to think in new ways.” – Anne Margulies, Assistant Secretary for Information Technology and Chief Information Officer of the Commonwealth of Massachusetts “ Blown to Bits is fun and fundamental. What a pleasure to see real teachers offering such excellent framework for students in a digital age to explore and understand their digital environment, code and law, starting with the insight of Claude Shannon. I look forward to you teaching in an open online school.” – Professor Charles Nesson, Harvard Law School, Founder, Berkman Center for Internet and Society “To many of us, computers and the Internet are magic. We make stuff, send stuff, receive stuff, and buy stuff. It’s all pointing, clicking, copying, and pasting. But it’s all mysterious. This book explains in clear and comprehensive terms how all this gear on my desk works and why we should pay close attention to these revolutionary changes in our lives. It’s a brilliant and necessary work for consumers, citizens, and students of all ages.” – Siva Vaidhyanathan, cultural historian and media scholar at the University of Virginia and author of Copyrights and Copywrongs: The Rise of Intellectual Property and How it Threatens Creativity “The world has turned into the proverbial elephant and we the blind men. The old and the young among us risk being controlled by, rather than in control of, events and technologies. Blown to Bits is a remarkable and essential Rosetta Stone for beginning to figure out how all of the pieces of the new world we have just begun to enter–law, technology, culture, information–are going to fit together. Will life explode with new possibilities, or contract under pressure of new horrors? The precipice is both exhilarating and frightening. Hal Abelson, Ken Ledeen, and Harry Lewis, together, have ably managed to describe the elephant. Readers of this compact book describing the beginning stages of a vast human adventure will be one jump ahead, for they will have a framework on which to hang new pieces that will continue to appear with remarkable speed. To say that this is a ‘must read’ sounds trite, but, this time, it’s absolutely true.” – Harvey Silverglate, criminal defense and civil liberties lawyer and writer Every day, billions of photographs, news stories, songs, X-rays, TV shows, phone calls, and emails are being scattered around the world as sequences of zeroes and ones: bits. We can’t escape this explosion of digital information and few of us want to–the benefits are too seductive. The technology has enabled unprecedented innovation, collaboration, entertainment, and democratic participation. But the same engineering marvels are shattering centuries-old assumptions about privacy, identity, free expression, and personal control as more and more details of our lives are captured as digital data. Can you control who sees all that personal information about you? Can email be truly confidential, when nothing seems to be private? Shouldn’t the Internet be censored the way radio and TV are? Is it really a federal crime to download music? When you use Google or Yahoo! to search for something, how do they decide which sites to show you? Do you still have free speech in the digital world? Do you have a voice in shaping government or corporate policies about any of this? Blown to Bits offers provocative answers to these questions and tells intriguing real-life stories. This book is a wake-up call to the human consequences of the digital explosion. Preface xiii Chapter 1: Digital Explosion: Why Is It Happening, and What Is at Stake? 1 Chapter 2: Naked in the Sunlight: Privacy Lost, Privacy Abandoned 19 Chapter 3: Ghosts in the Machine: Secrets and Surprises of Electronic Documents 73 Chapter 4: Needles in the Haystack: Google and Other Brokers in the Bits Bazaar 109 Chapter 5: Secret Bits: How Codes Became Unbreakable 161 Chapter 6: Balance Toppled: Who Owns the Bits? 195 Chapter 7: You Can’t Say That on the Internet: Guarding the Frontiers of Digital Expression 229 Chapter 8: Bits in the Air: Old Metaphors, New Technologies, and Free Speech 259 Conclusion: After the Explosion 295 Appendix: The Internet as System and Spirit 301 Endnotes 317 Index 347

From the moment you're born, you enter the data stream-from birth certificates to medical records to what you bought on Amazon last week. As your dossier grows, so do the threats, from identity thieves to government snoops to companies who want to sell you something. Computer Privacy Annoyances shows you how to regain control of your life. You'll learn how to keep private information private, stop nosy bosses, get off that incredibly annoying mailing list, and more. Unless you know what data is available about you and how to protect it, you're a sitting duck. Computer Privacy Annoyances is your guide to a safer, saner, and more private life. Written by privacy pro Dan Tynan, and based on interviews with privacy experts from all over the globe, Computer Privacy Annoyances serves up real-world advice in bite-sized portions that will help you stop the snoops in their tracks. The book even addresses non-computing threats, from telemarketer-cum-stalkers, thieves at your mailbox, nosy folks in your HR department, cell phone eavesdroppers, and more. The key areas covered include: Privacy at Home Privacy on the Net Privacy at Work Privacy in Public Privacy and Uncle Sam Privacy in the Future Daniel Tynan has written about Internet privacy and security for nearly a decade. His work has appeared in more than 40 national publications. As executive editor at PC World, Tynan edited a special issue on Internet Privacy that won a Grand Neal Award and was a finalist for a National Magazine Award. He has won more than a dozen other honors, including nine Neals, four Maggies, and two Computer Press Association Awards.

Praise for J.C. Cannon's Privacy "A wonderful exploration of the multifaceted work being done to protect the privacy of users, clients, companies, customers, and everyone in between." —Peter Wayner, author of Translucent Databases "Cannon provides an invaluable map to guide developers through the dark forest created by the collision of cutting-edge software development and personal privacy." —Eric Fredericksen, Sr. Software Engineer, PhD., Foundstone, Inc. "Cannon's book is the most comprehensive work today on privacy for managers and developers. I cannot name any technical areas not covered. No practitioners should miss it." —Ray Lai, Principal Engineer, Sun Microsystems, Inc., co-author of Core Security Patterns and author of J2EE Platform Web Services "Every developer should care deeply about privacy and this is the best book I've read on the subject. Get it, read it, and live it." —Keith Ballinger, Program Manager, Advanced Web Services, Microsoft "J.C. Cannon's book demonstrates that information and communication technology can contribute in a significant way to restoring individual privacy and raises more awareness of the complexity and importance of this societal problem." —Dr. John J. Borking, Former Commissioner and Vice-President of the Dutch Data Protection Authority "If you are planning, implementing, coding, or managing a Privacy campaign in your company or your personal computing, there is no more relevant reference. J.C. Cannon nails the issues." —Rick Kingslan, CISSP, Microsoft MVP-Windows Server: Directory Services and Right Management, West Corporation "It's often been said that security is a process, not a product. Privacy is no different! Unlike other privacy books, J.C. Cannon's book has something valuable to convey to everyone involved in the privacy process, from executives to designers and developers, many of whom aren't thinking about privacy but should be." —Keith Brown, Co-founder of Pluralsight and author of The .NET Developer's Guide to Windows Security and Programming Windows Security "J.C. Cannon's new book on electronic privacy is an important addition to the available works in this emerging field of study and practice. Through many humorous (and occasionally frightening) examples of privacy gone wrong, J.C. helps you better understand how to protect your privacy and how to build privacy awareness into your organization and its development process. Keenly illustrating both the pros and cons of various privacy-enhancing and potentially privacy-invading technologies, J.C.'s analysis is thorough and well-balanced. J.C. also explains many of the legal implications of electronic privacy policies and technologies, providing an invaluable domestic and international view." —Steve Riley, Product Manager, Security Business and Technology Unit, Windows Division, Microsoft "Privacy concerns are pervasive in today's high-tech existence. The issues covered by this book should be among the foremost concerns of developers and technology management alike." —Len Sassaman, Security Architect, Anonymizer, Inc. You're responsible for your customers' private information. If you betray their trust, it can destroy your business. Privacy policies are no longer enough. You must make sure your systems truly protect privacy—and it isn't easy. That's where this book comes in. J.C. Cannon, Microsoft's top privacy technology strategist, covers every facet of protecting customer privacy, both technical and organizational. You'll learn how to systematically build privacy safeguards into any application, Web site, or enterprise system, in any environment, on any platform. You'll discover the best practices for building business infrastructure and processes that protect customer privacy. You'll even learn how to help your customers work with you in protecting their own privacy. Coverage includes How privacy and security relate—and why security isn't enough Understanding your legal obligations to protect privacy Contemporary privacy policies, privacy-invasive technologies, and privacy-enhancing solutions Auditing existing systems to identify privacy problem areas Protecting your organization against privacy intrusions Integrating privacy throughout the development process Developing privacy-aware applications: a complete sample application Building a team to promote customer privacy: staffing, training, evangelization, and quick-response Protecting data and databases via role-based access control Using Digital Rights Management to restrict customer information Privacy from the customer's standpoint: spam avoidance, P3P, and other tools and resources Whether you're a manager, IT professional, developer, or security specialist, this book delivers all the information you need to protect your customers—and your organization. The accompanying CD-ROM provides sample privacy-enabling source code and additional privacy resources for developers and managers. J. C. CANNON, privacy strategist at Microsoft's Corporate Privacy Group, specializes in implementing application technologies that maximize consumer control over privacy and enable developers to create privacy-aware applications. He works closely with Microsoft product groups and external developers to help them build privacy into applications. He also contributed the chapter on privacy to Michael Howard's Writing Secure Code (Microsoft Press 2003). Cannon has spent nearly twenty-five years in software development. © Copyright Pearson Education. All rights reserved.

Privacy Defended: Protecting Yourself Online is a comprehensive book that melds detailed, how-to information on PC hardware and operating system security within the context of protecting one's privacy in a digital world. It is designed for individuals who are serious about their privacy and who also want an accessible, one-stop source of practical information. The book offers clear discussion of privacy issues as they affect everyday users of digital devices, covering all current and near-future devices and technologies that pose privacy risks to users.

Since the first edition of this classic reference was published, World Wide Web use has exploded and e-commerce has become a daily part of business and personal life. As Web use has grown, so have the threats to our security and privacy--from credit card fraud to routine invasions of privacy by marketers to web site defacements to attacks that shut down popular web sites. Web Security, Privacy & Commerce goes behind the headlines, examines the major security risks facing us today, and explains how we can minimize them. It describes risks for Windows and Unix, Microsoft Internet Explorer and Netscape Navigator, and a wide range of current programs and products. In vast detail, the book covers: Web technology--The technological underpinnings of the modern Internet and the cryptographic foundations of e-commerce are discussed, along with SSL (the Secure Sockets Layer), the significance of the PKI (Public Key Infrastructure), and digital identification, including passwords, digital signatures, and biometrics. Web privacy and security for users--Learn the real risks to user privacy, including cookies, log files, identity theft, spam, web logs, and web bugs, and the most common risk, users' own willingness to provide e-commerce sites with personal information. Hostile mobile code in plug-ins, ActiveX controls, Java applets, and JavaScript, Flash, and Shockwave programs are also covered. Web server security--Administrators and service providers discover how to secure their systems and web services. Topics include CGI, PHP, SSL certificates, law enforcement issues, and more. Web content security--Zero in on web publishing issues for content providers, including intellectual property, copyright and trademark issues, P3P and privacy policies, digital payments, client-side digital signatures, code signing, pornography filtering and PICS, and other controls on web content. Nearly double the size of the first edition, this completely updated volume is destined to be the definitive reference on Web security risks and the techniques and technologies you can use to protect your privacy, your organization, your system, and your network.

Fifty years ago, in 1984, George Orwell imagined a future in which privacy was demolished by a totalitarian state that used spies, video surveillance, historical revisionism, and control over the media to maintain its power. Those who worry about personal privacy and identity--especially in this day of technologies that encroach upon these rights--still use Orwell's "Big Brother" language to discuss privacy issues. But the reality is that the age of a monolithic Big Brother is over. And yet the threats are perhaps even more likely to destroy the rights we've assumed were ours. Database Nation: The Death of Privacy in the 21st Century shows how, in these early years of the 21st century, advances in technology endanger our privacy in ways never before imagined. Direct marketers and retailers track our every purchase; surveillance cameras observe our movements; mobile phones will soon report our location to those who want to track us; government eavesdroppers listen in on private communications; misused medical records turn our bodies and our histories against us; and linked databases assemble detailed consumer profiles used to predict and influence our behavior. Privacy--the most basic of our civil rights--is in grave peril. Simson Garfinkel--journalist, entrepreneur, and international authority on computer security--has devoted his career to testing new technologies and warning about their implications. This newly revised update of the popular hardcover edition of Database Nation is his compelling account of how invasive technologies will affect our lives in the coming years. It's a timely, far-reaching, entertaining, and thought-provoking look at the serious threats to privacy facing us today. The book poses a disturbing question: how can we protect our basic rights to privacy, identity, and autonomy when technology is making invasion and control easier than ever before? Garfinkel's captivating blend of journalism, storytelling, and futurism is a call to arms. It will frighten, entertain, and ultimately convince us that we must take action now to protect our privacy and identity before it's too late.

This brochure discusses the origins of NSA.

A study of the contributions made by NSA during the Cuban Missile Crisis of 1962.