The first half of the book is a collection of amusing stories of deception when an unauthorized person gains access to information they are not supposed to. The second half contains a set of policies companies should apply in order to prevent the stories of the first half to become a reality. Some technical bits are outdated, but generally, policies are on point and very relevant today. 3.5