The document discusses approaches to safeguarding the enterprise through information security. It defines a safeguarded enterprise and outlines goals like enabling business-security alignment. Key aspects covered include security architecture with people, processes and technology layers; top security risks; application data security lifecycles; security information and event management; single sign-on; and security considerations around cloud computing and virtualization. The conclusion emphasizes that technology security must be simplified while addressing complexity.
2. Safeguarding the Enterprise: a new approach
Why?
Physical Security
Safeguarding of Data
3. Structure of the Presentation
• Definition of a Safeguarded Enterprise
• New approach – Gartner White Paper
• Goals
• Security risks and key success factors
• Security Architecture
• Data Center, Connectivity and Application
• Application Data Security Lifecycle
• Security Information and Event Management
• Single Sign On
• The future – Cloud Computing
• Conclusion
4. What is a Safeguarded Enterprise?
Safeguarded Enterprise is the sum total of a clear-cut perception, appropriate/integrated planning, documentation, meticulous execution and dynamic/robust maintenance of enterprise security policy at awareness, attitudinal, physical, systems, processes, application and data dimensions throughout the enterprise, creating a near fail-safe enterprise.
Sanjay Sahay
5. Security as a SILO
[Diagram labels: Business Architecture, Information Architecture, Technology Architecture, Security]
6. Gartner White Paper 2006
Incorporating Security into the Enterprise Architecture Process
7. Enterprise Information Security Architecture
[Diagram labels: Business Architecture, Information Architecture, Security Architecture, Technology Architecture]
8. SE
9/11 a watershed in modern history
Whatever Come May…
Physical Security will Always Count!
Land, Air Or Water
9. Goals
Provide structure, coherence and cohesiveness
• Must enable business-to-security alignment
• Defined top-down beginning with business strategy
• Establish a common "language" for information security within the organisation
10. Top 10 Enterprise Security Risks
Email Attachments
VPN Tunnel Vulnerabilities
Blended Attacks
Diversionary Tactics
Download from Websites
Supply Chain and Partners Added to the Network
Microsoft’s SOAP
Renaming Documents
Peer-to-Peer Applications
Music and Video Browsers
11. Key Success Factors of Security
Security Awareness
Network Security
Operating System Security
Patch and AV management
Application Security
SIEM
12. Security Architecture
People
Processes
Technology
13. Security Architecture
People: User Awareness, Guidance, Administration, Monitor
Processes: Policies, Standards, Guidelines, Audit
Technology: IPS, Firewall, AV, DLP, SIEM
14. Defense in Depth
“Defense in Depth” is a concept used to describe layers of defense strategies.
The components at each layer work in tandem to provide one cohesive security mechanism.
This layered approach will also help localize the impact if one element of the mechanism is compromised.
15.
16. Data Center, Connectivity and Application are at the core of Enterprise Security
17. Data Center
The main purpose of a data center is
running the applications that handle the core
business and operational data of the
organization
Secure Application Usage is the Key
18. KSP Data Center
19. Secure Connectivity is the Backbone
20. KSP Connectivity
21. Application/s is at the heart of the enterprise
22. The Application Data Security Lifecycle
[Cycle diagram: Assess, Set Policies/Controls, Monitor / Enforce, Measure]
23. The Application Data Security Lifecycle
Assess
• Discover Servers and Data
• Test Configuration
• Evaluate Inherent Risks
• Assess how and by whom data and applications are used
Set Policies and Controls
• Set policies automatically
• Adapt to user changes
• Support granular policies and controls
24. The Application Data Security Lifecycle
Monitor and Enforce
• Ensure separation of duties
• Enforce user accountability
• Capture full details
• Alert and block in real time
Measure
• Built-in & custom reports
• Roll-up and drill-down of data
• Security event analysis
• Compliance workflow
25. Security Information & Event Management
Asset Discovery
Threat Detection
Vulnerability Assessment
Event Collection
Correlation
Event Management
Log Storage
26. SIEM
SIEM is an intelligence platform that helps safeguard the business by giving you complete visibility into activity across the IT infrastructure.
SIEM Capabilities
Data Aggregation
Correlation
Alerting
Dashboards
Compliance
Retention
27. Single Sign On
Single Sign On, SSO, is a property of access control of multiple related, but independent software systems.
Conversely, Single Sign Off is the property whereby the single action of signing out terminates access to multiple software systems.
28. Single Sign On
More secure
Reduces password fatigue
Reduces time spent re-entering passwords
Reduces IT costs (help desk calls about passwords)
Security on all levels of entry/exit/access to systems
Centralized reporting for compliance adherence
29. Cloud Computing & Security
There are a number of security issues/concerns associated with cloud computing, but these issues fall into two broad categories: security issues faced by cloud providers (organizations providing software-, platform- or infrastructure-as-a-service via the cloud) and security issues faced by their customers.
The provider must ensure that their infrastructure is secure and that their clients’ data and applications are protected.
The customer must ensure that the provider has taken the proper security measures to protect their information.
30. Cloud Computing & Security: Virtualization
The extensive use of virtualization in implementing cloud infrastructure brings unique security concerns for customers or tenants of a public cloud service.
Virtualization alters the relationship between the OS and underlying hardware, be it computing, storage or even networking.
31. Cloud Computing & Security: Virtualization
• This introduces an additional layer, virtualization, that itself must be properly configured, managed and secured.
• Specific concerns include the potential to compromise the virtualization software, or "hypervisor". While these concerns are largely theoretical, they do exist.
32. Conclusion
Complexity is our life and making it simple our goal. Technology gains the highest end with simple products and services. The complexity of IT security gets compounded by innumerable applications, the processing power, the world wide web interface, cross-enterprise collaboration and the like. Cloud computing, though in its nascent stage, has thrown a major challenge to IT security, the success of which would be epochal, and the IT services would take a well-deserved leap forward.