Enterprise security : a data-centric approach to securing the enterprise : a guide to applying data-centric security concepts for securing enterprise data to enable an agile enterprise / Aaron Woody.

Format:

Book

Author/Creator:

Woody, Aaron.

Language:

English

Subjects (All):

Computer security.

Electronic commerce--Security measures.

Electronic commerce.

Physical Description:

1 online resource (324 p.)

Edition:

1st edition

Place of Publication:

Birmingham : Packt Pub., 2013.

Language Note:

English

System Details:

text file

Biography/History:

Woody Aaron: Aaron Woody is an expert in information security with over 15 years of experience across several industry verticals. His experience includes securing some of the largest enterprises in the world. Currently, he is a Security Consultant in the public sector. He is also a speaker and active instructor teaching hacking and forensics, and maintains a blog n00bpentesting. com. Aaron can also be followed on twitter at @shai_saint. He will be launching a companion website (http: //www. datacentricsec. com) for this book. To contact him for consulting please e-mail him at aaron. m. woody@gmail. com.

Summary:

A guide to applying data-centric security concepts for securing enterprise data to enable an agile enterprise.

Contents:

Cover; Copyright; Credits; About the Author; About the Reviewers; www.packtpub.com; Table of Contents; Preface; Chapter 1: Enterprise Security Overview; The façade of enterprise security; The history and making of the façade; Our current approach to security; Security architecture 101; A new approach to security; Enterprise security pitfalls; Shortcomings of the current security architecture; Communicating information security; The cost of information security; The conflicting message of enterprise security; Proving a negative; The road map to securing the enterprise; Road map components

Defining usersDefining applications; Defining data; Defining roles; Defining processes; Defining policies and standards; Defining network infrastructure; Defining application security architecture; Summary; Chapter 2: Security Architectures; Redefining the network edge; Drivers for redefinition; Feature-rich web applications; Business partner access; Miscellaneous third-party services; Cloud initiatives; Security architecture models; Defining the building blocks of trust models; Defining data in a trust model; Defining processes in a trust model; Defining applications in a trust model

Defining users in a trust modelDefining roles in a trust model; Defining policies and standards; Enterprise trust models; Application user (external); Application owner (business partner); System owner (contractor); Data owner (internal); Automation; Micro architectures; Data risk-centric architectures; BYOD initiatives; Bring your own mobile device; Bring your own PC; Summary; Chapter 3: Security As a Process; Risk analysis; What is risk analysis?; Assessing threats; Assessing impact; Assessing probability; Assessing risk; Applying risk analysis to trust models

Deciding on a risk analysis methodologyOther thoughts on risk and new enterprise endeavors; Security policies and standards; Policy versus standard; A quick note on wording; Understanding security policy development; Common IT security policies; Information security policy; Acceptable use policy; Technology use policy; Remote access policy; Data classification policy; Data handling policy; Data retention policy; Data destruction policy; Policies for emerging technologies; Policy considerations; Emerging technology challenges; Developing enterprise security standards

Common IT security standardsSecurity exceptions; Security review of changes; Perimeter security changes; Data access changes; Network architectural changes; Summary; Chapter 4: Securing the Network; Overview; Next generation firewalls; Benefits of NGFW technology; Application awareness; Intrusion prevention; Advanced malware mitigation; Intrusion detection and prevention; Intrusion detection; Intrusion prevention; Detection methods; Behavioral analysis; Anomaly detection; Signature-based detection; Advanced persistent threat detection and mitigation; Securing network services; DNS

DNS resolution

Notes:

"Professional experience distilled"--Cover.

Includes index.

ISBN:

9781621989165

162198916X

9781299261471

1299261477

9781849685979

1849685975

OCLC:

830169898