- The Methodical Approach and the Need for a Methodology
- Firewalls, Security, and Risk Management
- How to Think About Risk Management
- Computer Security Principles
- Firewall Recommendations and Definitions
- Why Do I Need a Firewall?
- Do I Need More Than a Firewall?
- What Kinds of Firewalls Are There?
- The Myth of "Trustworthy" or "Secure" Software
- Know Your Vulnerabilities
- Creating Security Policies
- Defense in Depth
After you have your security model and policies in place, users will need to be trained on them. This can be something as simple as, for a home firewall, explaining to your spouse, roommates, or whomever that you now have a firewall in place and how it is configured.
For larger organizations, you will need to go a little further than this. Training your users can be the difference between a security plan that works and one that fails on the first day. For instance, your plan might be thwarted via something as simple as a social engineering attack. An employee or user is convinced to give someone else access to your systems or building.