Book Reviews: Information Security Books and Product Reviews – Least Privilege Security for Windows 7, Vista and XP

Book Title:   Least Privilege Security for Windows 7, Vista and XP

Subtitle: Secure desktops for regulatory compliance and business agility

Author: Russell Smith

Publisher: PACKT

Date of Publishing: July 2010

ISBN (13): 9781849680042

Price (UK&US price – full price, not discounted price): £36.99,   $59.99x

URL of Publisher Site:  PACKT

URL of Amazon UK web page:  Least Privilege Security for Windows 7, Vista, and XP

URL of Amazon UK (Kindle) web page:  Least Privilege Security for Windows 7, Vista and XP

URL of Amazon US web page:  Least Privilege Security for Windows 7, Vista, and XP

URL of Amazon US (Kindle) web page:  Least Privilege Security for Windows 7, Vista and XP

 The author takes an interesting approach in explaining ‘Least Privilege Security for Windows 7, Vista and XP’ with case studies, using them to demonstrate important security principles. This approach works well and is particularly effective in a system administration security space, given it provides the reader with scenario-driven examples. Such explanations would assist an IT professional to read and understand these case studies, whilst being able to relate them to their own experiences. As an IT professional it would be fair to state that I have significant experience of the Windows Networking environment. However, this book enabled me to enhance and polish my skills further – an example would the very useful Windows Server 2008 PowerShell commands listing. The book is structured into fourteen interesting and meaningful chapters, and ‘Chapter 9 – Developing Software Restriction polices and Applocker’ in particular interests me most personally. The reader does not necessarily have to read each chapter in a sequence from the beginning – given each chapter by itself is constructed well with its own good reading flow and able to explain the relevant concepts successfully. This is particularly good since a beginner or an experienced person can equally find value in it. The technical elements are explained by using GUI and commands – this helps the reader practice both ways of working. Plus the book contains relevant references in all sections that will assist the user to confirm the content from Microsoft TechNet.GPO and MMC well covered in this book. It doesn’t only focuses on the ‘Windows Server’ environments, but it also explains the ‘Windows Client’ environments. Even a home user can get very useful information to protect his/her computer from malicious attacks and strengthen its security. A good example of this would be where usually most users are not PC savvy enough to configure their own Operating System to prevent any security compromises such as remote and internal attacks. In such an instance the ‘Least Privilege Security for Windows 7, Vista and X’ book provides them good advice.

Approaches to securing systems and networks vary widely from industry to industry and organization to organization. By examining a variety of real-life incidents (where organizations are too embarrassed to publicly admit), the author explains what could have been done differently to avoid & prevent such failures – this is explained in terms of not just what creating different processes/controls can do but also having better security countermeasures in place to begin with.

“Least Privilege Security for Windows 7, Vista and XP” is a good resource for both experienced IT professional and beginners, and will help both alike. The book successfully explains the importance of ‘security in a windows environment’. I have already recommended this book to my organization’s system administrators and network administrators.

Marks: 5 out of 5
xxxxx

AllEscortAllEscortAllEscort