Publisher: Prentice Hall PTR
Identity theft has been one of the most discussed subjects in the news during the previous year. According to the cover of this book, it's the fastest growing crime in America. I believe that the rest of the world is not too far as reports of problems can be read from all over the world. I was very intrigued when I got my hands on this title since the initial browsing of the content promised a very interesting read. Does the book deliver? Read on to find out.
About the author
John Vacca is an information technology consultant and internationally known author based in Pomeroy, Ohio. Since 1982, John has authored of 30 books and more than 390 articles in the areas of Internet and Intranet security, programming, systems development, rapid application development, multimedia and the Internet. John was also a configuration management specialist, computer specialist, and the computer security official for NASA's space station program (Freedom) and the International Space Station Program, from 1988 until his early retirement from NASA in 1995. John was also one of the security consultants for the MGM movie titled "AntiTrust".
An interview with John Vacca is available here.
Inside the book
This first part of the book kicks off with an explanation of identity theft in which Vacca shows you how it's done. Immediately after this, you see how you can minimize the risk of becoming a victim. The author teaches you how to protect yourself by protecting everything from your wallet to your applications. To help you get started, Vacca provides a basic ID theft security precautions checklist and an identity theft vulnerability quiz with which you can see if you're at risk. Analyzed are also the various types of information that you should guard at all times.
What follows is a discussion on detecting, reporting and recovering from identity theft. Vacca shows you how to see if your identity has been stolen and illustrates what actions you have to take with the aid of a comprehensive ID theft victim checklist.
The second part of the book is all about protecting yourself from identity theft on the Internet. The author writes about privacy issues, social engineering, site cloning, security policies and other topics. While reading this part you begin to realize why there's so much identity theft - it's not that hard after all.
There's advice here for everyone - ISPs, internet companies and users. Some of the topics presented are: credit card theft, fraud prevention tools and Distributed Denial of Service (DDoS) attacks. Of course, there's also a good guide on how to protect your information. Chapter six is specific as it deals with the deployment of identity theft protection by ISPs. Vacca depicts the protection of consumer and corporate identity, discusses identity theft risks and threats, etc. Closely connected with this chapter, the next one deals with the testing and performance of identity theft protection techniques. Here you find the very extensive checklist on best practices for online identity theft protection.
The third part of the book is about identity protection for corporations. You start by reading about protecting the information of customers and employees. Vacca shows you which customers are at risk, writes about internal and external identity theft offenders, and so on.
During the past year there have been several reports of laptops containing sensitive data being lost of stolen in the US and the UK. This type of loss can cause serious damage to an organization and provide someone on the outside with valuable information. The author addresses this type of problem by writing about guidelines for protecting the identity and confidentiality of personal information when working outside the corporate office. There's a plethora of interesting facts and tips that laptop owners will certainly appreciate. At the end of the chapter, some space is dedicated to issues related to wireless technology.
The book continues with a chapter dedicated to the management of ongoing identity theft prevention and protection techniques. When it comes to the management of electronic records, Vacca presents you with 18 best practices that will help you get organized. Here you also find quality information regarding the processing of Internet charges, Internet privacy policies, and more.
The fourth part of the book illustrates identity theft future solutions and techniques and begins with a chapter dedicated to a technology already widely in use - biometrics. The author teaches you how biometric systems work and depicts the various types of biometrics. This is a great introduction to the subject that new users will definitely find interesting.
Vacca continues the journey by introducing you to digital signatures and various types of cards. There's a lot of material covered here: using smart cards to secure e-business applications, using biometrics in smart card information and operations, etc. Everything is very detailed and backed up by figures that allow you to quickly get a grip on the material.
Next you get an understanding of symmetric and asymmetric key encryption, e-mail encryption and other related topics before moving on to e-commerce security and data mining. In the last chapter, Vacca provides conclusions and recommendations. This is, of course, not the end as there are six appendices with lots of juicy details like listings of identity theft reports, testimonies, cases, scams, and more. Overall, very complete.
My 2 cents
As regards the audience of this book, it's basically anyone who wants to acquire the skills necessary to implement effective security measures to protect their information. The author covers a broad range of material so there's something in this title for everyone, from the system administrator to the average computer user concerned with identity theft issues.
Vacca skillfully analyzes all aspects of identity theft from multiple points of view and manages to illustrate effective protection measures. I can highly recommend this book to anyone interested in the subject. Remember, you don't need to wait to become a victim to find this book useful, you can learn how to protect yourself right now.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.