Chapter 10: Security and Personalization - Practical Intranet Development [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

Practical Intranet Development [Electronic resources] - نسخه متنی

John Colbyet al.

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
توضیحات
افزودن یادداشت جدید







Chapter 10: Security and Personalization


Overview



Author: Jeffrey Haas



Intranet security options



Security policies



User directories and personalization



This chapter explains why securing an intranet is important and outlines a variety of approaches that can be taken. Once the decision about security has been made, you'll likely find that the personalization issue has simultaneously been decided. This is because the user identification process inherent in a security authorization scheme will naturally extend to customizing that user's experience according to their security profile or other extended settings. Then, when basic customization is occurring, it's not a very significant theoretical step towards complete personalization (by either the system or the users themselves).

It's important to remember that security can be implemented without personalization, but the opposite is not true. If your intranet's personalization engine isn't absolutely certain who your users are, customization with integrity will be impossible. That's why it's important for us to discuss intranet security first.

Intranet security isn't just about keeping people out. You should certainly consider the implications of placing sensitive business data on your intranet and what might happen if it falls into the wrong hands, but there are other aspects to consider as well. A secure intranet can empower your organization by giving employees an opportunity to freely share and exchange information for projects and corporate initiatives. If you can guarantee that limited groups of users will have access to sensitive data (year-end financial results or salary increases that are being discussed, for example), then all the benefits of interactivity and collaboration that are inherent to web-based applications can take effect.

If intranet users know that their data will only be accessible to appropriate parties, the adoption rate of functional areas will skyrocket. Strong security policies can make insecure users feel secure in their use of your intranet. Payroll, benefits, and training areas of a business, for example, could be integrated into an intranet and embraced by users if this sense of security existed, resulting in substantial cost savings for your company.


"If intranet users know that their data will only be accessible to appropriate parties, the adoption rate of functional areas will skyrocket"






Note

This chapter talks in absolutes such as 'guaranteed restrictions' and binary access permissions that define individual users and groups of users who can either get in or not get in to a system, but be aware that absolute guarantees do not exist in the real world. You can be careful - and you must be careful in regard to anything that cannot be made public for any reason - but you must realize that even large corporations with multi-million-dollar IT budgets, governments, and military installations get hacked periodically. Read any IT news site for news of this and realize that internal dangers are as relevant as external ones (more on this later). You should take reasonable precautions to secure your network, your data, and your company from the many dangers of a networked world, but do not put your career on the line by promising your system will never be compromised. Also, do not ever be complacent with your existing standards, best practices, and rulebooks. Constant vigilance, unfortunately, is necessary if you want to minimize risks.


/ 124