Book Image

Enterprise Security: A Data-Centric Approach to Securing the Enterprise

By : Aaron Woody
Book Image

Enterprise Security: A Data-Centric Approach to Securing the Enterprise

By: Aaron Woody

Overview of this book

Enterprise security redefined using a data-centric approach and trust models to transform information security into a business enablement process. It is a unique and forward thinking approach for deciding the best method to secure data in the enterprise, the cloud, and in BYOD environments."Enterprise Security: A Data-Centric Approach to Securing the Enterprise" will guide you through redefining your security architecture to be more affective and turn information security into a business enablement process rather than a roadblock. This book will provide you with the areas where security must focus to ensure end-to-end security throughout the enterprise-supporting enterprise initiatives such as cloud and BYOD. "Enterprise Security: A Data-Centric Approach to Securing the Enterprise" will first introduce the reader to a new security architecture model and then explores the must have security methods and new tools that can used to secure the enterprise.This book will take a data-centric approach to securing the enterprise through the concept of Trust Models and building a layered security implementation focused on data. This is not your traditional security book focused on point solutions and the network aspect of security. This book combines best practice methods with new methods to approach enterprise security and how to remain agile as the enterprise demands more access to data from traditionally untrusted assets, hosted solutions, and third parties. Applied Information Security - A Data-Centric Approach to Securing the Enterprise will provide the reader an easy-to-follow flow from architecture to implementation, diagrams and recommended steps, and resources for further research and solution evaluation.This book is a reference and guide for all levels of enterprise security programs that have realized that non-data centric security is no longer practical and new methods must be used to secure the most critical assets in the enterprise.
Table of Contents (22 chapters)
Enterprise Security: A Data-Centric Approach to Securing the Enterprise
Credits
About the Author
About the Reviewers
www.packtpub.com
Preface
Applying Trust Models to Develop a Security Architectuture
Index

Physical security


The last component of the human element of security we will cover is physical security. It can be stated with a high degree of confidence that the most important facet of security is physical security; there is no security if access to systems is not limited or controlled. Another way to look at this is, if the system can be physically removed from the data center with nothing to prevent the action, then network access controls provide no benefit; therefore all other security is irrelevant. A scenario covered in the Social engineering section was the attacker attempting physical access to enterprise systems in order to gain access to enterprise data. This section will briefly cover the need for physical security controls, primarily the human interaction control.

In order for enterprise associates to protect the enterprise from well-trained social engineers who show up in person, they must know what to look for in behaviors and know how to react according to policy and training...