Denny Cherry - Enterprise-Grade IT Security for Small and Medium Businesses: Building Security Systems, in Plain English

This Apress imprint is published by the registered company APress Media, LLC, part of Springer Nature.

The registered company address is: 1 New York Plaza, New York, NY 10004, U.S.A.

With Enterprise-Grade IT Security for Small and Medium Businesses, I wanted to take a different approach than most IT books. Most are written with the assumption that the reader knows what they should put in place, and they are a sort of how-to book on implementing the various solutions. With Enterprise-Grade IT Security for Small and Medium Businesses, the approach was instead taken to educate people who dont normally work hands-on with these various technologies. Thus, executives can have a good understanding of what technology solutions are available, and can ask questions of their IT teams as to why dont they have X, and do they need to have Y in place, while having an understanding of what these technology solutions are capable of doing.

In Chapter , well review why IT security matters and why companies need to have an IT security infrastructure in place. One of the big reasons why companies dont invest in IT security is because it is expensive, and often the company doesnt see the benefit to spending the money.

In Chapter , we will take a slightly more technical approach as we talk about network design decisions that companies can make for how their network is designed. These range from fairly wide open with all the devices on the network able to communicate with all the other devices, to a network that is segmented, preventing devices on the network from accessing other devices unless specific access is granted.

In Chapter , we will review what firewalls are, what they do, and why are they useful for companies to deploy to protect their network infrastructure. This will include the cloud options available in the three major clouds.

In Chapter , we will review denial of services and distributed denial of service attacks, and how they are prevented using distributed denial of service appliances. Well also compare and contrast these appliances with firewalls so that we can see when one is used versus the other. This will include the cloud options available in the three major clouds.

In Chapter , we will review the remote connectivity options that companies can make available to their users, including why they are good to have and the risks that these solutions introduce.

In Chapter , we will review the security options available within each of the major operating systems. This includes why the various platforms should be patched and upgraded frequently.

In Chapter , we will review what multi-factor authentication is, how it should be used, and when it should be used.

In Chapter , we will learn about zero trust environments and how companies can benefit from having such an environment in their network infrastructure.

In Chapter , we will talk about the weakest link in IT securitythe company staff. We will review the training that employees should be doing regularly, as well as what topics should be covered in that training.

In Chapter , we will continue on this theme of employee training to not only secure their company resources but also their daily life, as an attackers gaining access to personal resources can be leveraged to compromise the employees business life.