Information Privacy Engineering and Privacy by Design: Understanding Privacy Threats, Technology, and Regulations Based on Standards and Best Practice

Stallings, William

  • 出版商: Addison Wesley
  • 出版日期: 2019-12-12
  • 售價: $2,560
  • 貴賓價: 9.5$2,432
  • 語言: 英文
  • 頁數: 528
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 0135302153
  • ISBN-13: 9780135302156
  • 相關分類: 資訊安全
  • 立即出貨 (庫存=1)

買這商品的人也買了...

商品描述

Organizations of all kinds are recognizing the crucial importance of protecting privacy. Their customers, employees, and other stakeholders demand it. Today, failures to safeguard privacy can destroy organizational reputations -- and even the organizations themselves. But implementing effective privacy protection is difficult, and there are few comprehensive resources for those tasked with doing so. In Information Privacy Engineering and Privacy by Design, renowned information technology author William Stallings brings together the comprehensive and practical guidance you need to succeed. Stallings shows how to apply today's consensus best practices and widely-accepted standards documents in your environment, leveraging policy, procedures, and technology to meet legal and regulatory requirements and protect everyone who depends on you. Like Stallings' other award-winning texts, this guide is designed to help readers quickly find the information and gain the mastery needed to implement effective privacy. Coverage includes:

  • Planning for privacy: approaches for managing and controlling the privacy control function; how to define your IT environment's requirements; and how to develop appropriate policies and procedures for it
  • Privacy threats: Understanding and identifying the full range of threats to privacy in information collection, storage, processing, access, and dissemination
  • Information privacy technology: Satisfying the privacy requirements you've defined by using technical controls, privacy policies, employee awareness, acceptable use policies, and other techniques
  • Legal and regulatory requirements: Understanding GDPR as well as the current spectrum of U.S. privacy regulations, with insight for mapping regulatory requirements to IT actions

商品描述(中文翻譯)

各種組織都意識到保護隱私的重要性,他們的客戶、員工和其他利益相關者都要求保護隱私。如今,未能保護隱私可能會摧毀組織的聲譽,甚至導致組織的崩潰。然而,實施有效的隱私保護並不容易,缺乏全面的資源供負責此項任務的人使用。在《資訊隱私工程與隱私設計》一書中,著名資訊技術作家威廉·斯特林斯匯集了您成功所需的全面且實用的指導。斯特林斯展示了如何在您的環境中應用當今共識的最佳實踐和廣泛接受的標準文件,利用政策、程序和技術來滿足法律和監管要求,並保護所有依賴您的人。與斯特林斯的其他屢獲殊榮的著作一樣,本指南旨在幫助讀者快速找到所需的信息並掌握實施有效隱私保護所需的技能。內容包括:

- 隱私規劃:管理和控制隱私控制功能的方法;如何定義您的IT環境的需求;以及如何制定相應的政策和程序。
- 隱私威脅:了解和識別信息收集、存儲、處理、訪問和傳播中的各種隱私威脅。
- 資訊隱私技術:通過使用技術控制、隱私政策、員工意識、可接受使用政策和其他技術來滿足您所定義的隱私要求。
- 法律和監管要求:了解歐盟通用數據保護法(GDPR)以及當前美國隱私法規的範譜,並提供將監管要求映射到IT行動的見解。