Ben's Book of the Month: Review of "Firewalls Don't Stop Dragons: A Step-by-Step Guide to Computer Security for Non-Techies"


Posted on by Ben Rothke

Variations on a Theme is a superb piece by Johannes Brahms. Borrowing from that, in Firewalls Don't Stop Dragons: A Step-by-Step Guide to Computer Security for Non-Techies (Apress 978-1484238516), author Carey Parker has written an interesting variation on the theme of security awareness. This is a good thing, as you pretty much can’t have too many security awareness books.

Parker has written a very helpful security awareness guide that readers can use to come up to speed. As the title implies, this is a step-by-step guide, and can be used to gain an understanding of the core areas around computer security.

Early on, Parker makes a simple observation that far too many people involved in security awareness fail to appreciate: most people have no frame of reference for computer security. It’s often far too abstract and far too technical for them. With that, he decided to use a castle as an analogy for security awareness, thus the title. He is certainly not the first nor the last to use a castle analogy, but it works here.

The book covers all of the core areas, including passwords, patching, safe surfing, parental guidelines, and much more. The book makes heavy use of screenshots, and is good for the reader who needs a lot of TLC. 

There are a few bits of advice in the book I disagree with. Parker is not a fan of fingerprint biometric authentication. He thinks that if the fingerprint image is compromised, then the user will have the fingerprint compromised for life. As there is no standard biometric identifier, even if, for example, the Apple Touch ID image was compromised, it’s not like it could be used to authenticate into another system.

Parker is also not a fan of anti-virus software and astutely writes of its limitations. Even with all of those limitations, for most users, it’s still much more beneficial for them to have anti-malware software installed, rather than forgo it and base their security on the other tactics described in the book. With that, this is a very helpful and easy-to-read guide that can help users get up to speed with all of the fundamentals of computer security.

For those looking for a guide to help them secure their computer, laptop, smartphone and more, but who are command-line apprehensive, Firewalls Don't Stop Dragons should be their go-to guide. And like the castle analogy, for those who need such a guide, Parker will be their information security knight in shining armor.


Contributors
Ben Rothke

Senior Information Security Manager, Tapad
