Safeguarding the Enterprise. A new approach.

Safeguarding the EnterpriseSafeguarding the Enterprise
a new approach
Sanjay Sahay,
IG, Karnataka

Safeguarding the EnterpriseSafeguarding the EnterpriseSafeguarding the EnterpriseSafeguarding the Enterprise
a new approacha new approacha new approacha new approach
Why?
Physical Security
Safeguarding of Data

Structure of the Presentation
• Definition of a Safeguarded Enterprise
• New approach – Gartner White Paper
• Goals
• Security risks and key success factors• Security risks and key success factors
• Security Architecture
• Data Center, Connectivity and Application
• Application Data Security Lifecycle
• Security Information and Event Management
• Single Sign On
• The future – Cloud Computing
• Conclusion

What is a Safeguarded Enterprise?
Safeguarded Enterprise is the sum total of a clear-cut
perception, appropriate/integrated planning,perception, appropriate/integrated planning,
documentation, meticulous execution and
dynamic/robust maintenance of enterprise security
policy at awareness, attitudinal, physical, systems,
processes, application and data dimensions throughout
the enterprise creating a near fails safe enterprise.
Sanjay Sahay

Security as a SILOSecurity as a SILOSecurity as a SILOSecurity as a SILO
• Architecture• Architecture
Business Information
• Security• Architecture
Technology

Gartner White Paper 2006
Incorporating Security into the
Enterprise Architecture
Process

S ES ES ES E a new approacha new approacha new approacha new approach
Enterprise Information Security ArchitectureEnterprise Information Security ArchitectureEnterprise Information Security ArchitectureEnterprise Information Security Architecture
Business Information
SecurityTechnology

SE
9/11 a watershed in modern history
Whatever Come May…Whatever Come May…
Physical Security will Always Count!
Land, Air Or Water

Goals
Provide structure, coherence and cohesiveness
• Must enable business-to-security alignment• Must enable business-to-security alignment
• Defined top-down beginning with business strategy
• Establish a common "language" for information for
information security within the organisation

SESESESE a new approacha new approacha new approacha new approach
Top 10 Enterprise Security RisksTop 10 Enterprise Security RisksTop 10 Enterprise Security RisksTop 10 Enterprise Security Risks
Email Attachments
VPN Tunnel Vulnerabilities
Blended Attacks
Diversionary TacticsDiversionary Tactics
Download from Websites
Supply Chain and Partners Added to the Network
Microsoft’s SOAP
Renaming Documents
Peer – to - Peer Applications
Music and Video Browsers

Key Success Factors of SecurityKey Success Factors of SecurityKey Success Factors of SecurityKey Success Factors of Security
a
Security Awareness
Application
Network Security
Operating
System
Security
Patch and AV
management
Application
Security
SIEM

Security ArchitectureSecurity ArchitectureSecurity ArchitectureSecurity Architecture
People
Processes
Technology

Security ArchitectureSecurity ArchitectureSecurity ArchitectureSecurity Architecture
People Processes Technology
User Awareness Policies IPS
Guidance Standards FirewallGuidance Standards Firewall
Administration Guidelines AV
Monitor Audit DLP
SIEM

Defense in DepthDefense in DepthDefense in DepthDefense in Depth
“Defense in Depth” which is a concept used to
describe layers of defense strategies
The components at each layer work in tandem toThe components at each layer work in tandem to
provide in tandem to provide one cohesive security
mechanism
This layered approach will also help localize the
impact if one element of the mechanism is
compromised

Data Center, Connectivity and
Application are at the core of
Enterprise Security

Data Center
The main purpose of a data center is
running the applications that handle the core
business and operational data of the
organization
Secure Application Usage is the Key

KSP Data CenterKSP Data CenterKSP Data CenterKSP Data Center

Secure Connectivity is the Backbone

S ES ES ES E a new approacha new approacha new approacha new approach
KSP ConnectivityKSP ConnectivityKSP ConnectivityKSP Connectivity

Application/s is at the heart of the
enterprise

The Application Data Security LifecycleThe Application Data Security LifecycleThe Application Data Security LifecycleThe Application Data Security Lifecycle
Assess Set Policies/Controls
Measure Monitor / Enforce
The Application
Data Security
Life Cycle

Assess
Discover Servers and Data
Test Configuration
Evaluate Inherent Risks
Assess how and by who data and applications are used
Set Policies and Controls
Set policies automatically
Adapt to user changes
Support granular polices and controls

Monitor and Enforce
Ensure separation of duties
Enforce user accountability
Capture full detailsCapture full details
Alert and block in real time
Measure
Built in & custom reports
Roll-up and drill down of data
Security event analysis
Compliance workflow

Security Information & Event ManagementSecurity Information & Event ManagementSecurity Information & Event ManagementSecurity Information & Event Management
Asset Discovery
Threat Detection
Vulnerability Assessment
S
I Vulnerability Assessment
Event Collection
Correlation
Event Management
Log Storage
I
E
M

SIEMSIEMSIEMSIEM
SIEM is a Intelligence platform helps safeguard the
business by giving you complete visibility into activity
across the IT Infrastructure
SIEM Capabilities
Data AggressionData Aggression
Correlation
Alerting
Dashboards
Compliance
Retention

Single Sign OnSingle Sign OnSingle Sign OnSingle Sign On
Single Sign On, SSO, is a property of access
control of multiple related, but independent
software systems.software systems.
Conversely, Single Sign Off, is the property
whereby the single action of signing out
terminates access to multiple software
systems

Single Sign OnSingle Sign OnSingle Sign OnSingle Sign On
More secure
Reduces password fatigue
Reduces time spend for re-entering passwordsReduces time spend for re-entering passwords
Reducing IT costs- Help desk calls about passwords
Security on all levels of entry/exit/access to systems
Centralized reporting for compliance adherence

Cloud Computing & SecurityCloud Computing & SecurityCloud Computing & SecurityCloud Computing & Security
There are a number of security issues/concerns associated with cloud
computing but these issues fall into two broad categories:
Security issues faced by cloud providers (organizations providing software-
platform or infrastructure-as-a-service via the cloud) and security issues facedplatform or infrastructure-as-a-service via the cloud) and security issues faced
by their customers
The provider must ensure that their infrastructure is secure and that their
clients’ data and applications are protected
The customer must ensure that the provider has taken the proper security
measures to protect their information.

VirtualizationVirtualizationVirtualizationVirtualization
The extensive use of virtualization in implementing
cloud infrastructure brings unique security concerns
for customers or tenants of a public cloud servicefor customers or tenants of a public cloud service
Virtualization alters the relationship between the OS
and underlying hardware - be it computing, storage or
even networking

VirtualizationVirtualizationVirtualizationVirtualization
•This introduces an additional layer - virtualization - that
itself must be properly configured, managed and
securedsecured
•Specific concerns include the potential to compromise
the virtualization software, or "hypervisor". While these
concerns are largely theoretical, they do exist

ConclusionConclusionConclusionConclusion
Complexity is our life and making it simple our goal.
Technology gains the highest end with simplistic products
and services. The complexity of IT security gets confounded
with innumerable applications, the processing power, thewith innumerable applications, the processing power, the
world wide web interface, cross enterprise collaboration and
the like. Cloud computing, though in its nascent stage has
thrown a major challenge to IT security, the success of
which would be epochal and the IT services would take a
well deserving leap forward.

Safeguarding the Enterprise. A new approach.

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Semelhante a Safeguarding the Enterprise. A new approach.

Semelhante a Safeguarding the Enterprise. A new approach. (20)

Mais de ADGP, Public Grivences, Bangalore

Mais de ADGP, Public Grivences, Bangalore (20)

Último

Último (20)

Safeguarding the Enterprise. A new approach.