Enterprise Security : A Data-Centric Approach to Securing the Enterprise.
Title:
Enterprise Security : A Data-Centric Approach to Securing the Enterprise.
Author:
Woody, Aaron.
ISBN:
9781849685979
Physical Description:
1 online resource (376 pages)
Contents:
Enterprise Security: A Data-Centric Approach to Securing the Enterprise -- Table of Contents -- Enterprise Security: A Data-Centric Approach to Securing the Enterprise -- Credits -- About the Author -- About the Reviewers -- www.packtpub.com -- Support files, e-books, discount offers, and more -- Why Subscribe? -- Free Access for Packt account holders -- Instant Updates on New Packt Books -- Preface -- What this book covers -- Who this book is for -- Conventions -- Reader feedback -- Customer support -- Errata -- Piracy -- Questions -- 1. Enterprise Security Overview -- The façade of enterprise security -- The history and making of the façade -- Our current approach to security -- Security architecture 101 -- A new approach to security -- Enterprise security pitfalls -- Shortcomings of the current security architecture -- Communicating information security -- The cost of information security -- The conflicting message of enterprise security -- Proving a negative -- The road map to securing the enterprise -- Road map components -- Defining users -- Defining applications -- Defining data -- Defining roles -- Defining processes -- Defining policies and standards -- Defining network infrastructure -- Defining application security architecture -- Summary -- 2. Security Architectures -- Redefining the network edge -- Drivers for redefinition -- Feature-rich web applications -- Business partner access -- Miscellaneous third-party services -- Cloud initiatives -- Security architecture models -- Defining the building blocks of trust models -- Defining data in a trust model -- Data locations -- Data types -- Defining processes in a trust model -- Defining applications in a trust model -- Defining users in a trust model -- Defining roles in a trust model -- Defining policies and standards -- Enterprise trust models -- Application user (external).

Application owner (business partner) -- System owner (contractor) -- Data owner (internal) -- Automation -- Micro architectures -- Data risk-centric architectures -- BYOD initiatives -- Bring your own mobile device -- Bring your own PC -- Summary -- 3. Security As a Process -- Risk analysis -- What is risk analysis? -- Assessing threats -- Assessing impact -- Assessing probability -- Assessing risk -- Qualitative risk analysis -- Qualitative risk analysis exercise -- Quantitative risk analysis -- Quantitative risk analysis exercise -- Applying risk analysis to trust models -- Deciding on a risk analysis methodology -- Other thoughts on risk and new enterprise endeavors -- Security policies and standards -- Policy versus standard -- A quick note on wording -- Understanding security policy development -- Common IT security policies -- Information security policy -- Acceptable use policy -- Technology use policy -- Remote access policy -- Data classification policy -- Data handling policy -- Data retention policy -- Data destruction policy -- Policies for emerging technologies -- Policy considerations -- Emerging technology challenges -- Developing enterprise security standards -- Common IT security standards -- Wireless network security standard -- Trust model building block for wireless network security standard -- Applying trust models to develop standards -- Enterprise monitoring standard -- Enterprise encryption standard -- System hardening standard -- Security exceptions -- Security review of changes -- Perimeter security changes -- Data access changes -- Network architectural changes -- Summary -- 4. Securing the Network -- Overview -- Next generation firewalls -- Benefits of NGFW technology -- Application awareness -- Intrusion prevention -- Advanced malware mitigation -- Intrusion detection and prevention -- Intrusion detection.

Intrusion prevention -- Detection methods -- Behavioral analysis -- Anomaly detection -- Signature-based detection -- Advanced persistent threat detection and mitigation -- Securing network services -- DNS -- DNS resolution -- DNS zone transfer -- DNS records -- DNSSEC -- E-mail -- SPAM filtering -- SPAM filtering in the cloud -- Local SPAM filtering -- SPAM relaying -- File transfer -- Implementation considerations -- Secure file transfer protocols -- User authentication -- User Internet access -- Websites -- Secure coding -- Next generation firewalls -- IPS -- Web application firewall -- Network segmentation -- Network segmentation strategy -- Asset identification -- Security mechanisms -- Applying security architecture to the network -- Security architecture in the DMZ -- Security architecture in the internal network -- Security architecture and internal segmentation -- Summary -- 5. Securing Systems -- System classification -- Implementation considerations -- System management -- Asset inventory labels -- System patching -- File integrity monitoring -- Implementation considerations -- Implementing FIM -- Real-time FIM -- Manual mode FIM -- Application whitelisting -- Implementation considerations -- Host-based intrusion prevention system -- Implementation considerations -- Host firewall -- Implementation considerations -- Anti-virus -- Signature-based anti-virus -- Heuristic anti-virus -- Implementation considerations -- User account management -- User roles and permissions -- User account auditing -- Policy enforcement -- Summary -- 6. Securing Enterprise Data -- Data classification -- Identifying enterprise data -- Data types -- Data locations -- Automating discovery -- Assign data owners -- Assign data classification -- Data Loss Prevention -- Data in storage -- Data in use -- Data in transit -- DLP implementation -- DLP Network.

DLP E-mail and Web -- DLP Discover -- DLP Endpoint -- Encryption and hashing -- Encryption and hashing explained -- Encryption -- Encrypting data at rest -- Database encryption -- The need for database encryption -- Methods of database encryption -- Application encryption -- Selective database encryption -- Complete database encryption -- Tokenization -- File share encryption -- Encrypting data in use -- Encrypting data in transit -- Tokenization -- Data masking -- Authorization -- Developing supporting processes -- Summary -- 7. Wireless Network Security -- Security and wireless networks -- Securing wireless networks -- A quick note on SSID cloaking and MAC filtering -- Wireless authentication -- Using shared key -- Caveats of shared key implementation -- Using IEEE 802.1X -- Caveats of 802.1X implementation -- Wireless encryption -- WEP -- WPA -- WPA2 -- Wireless network implementation -- Wireless signal considerations -- End system configuration -- Wireless encryption and authentication recommendations -- Encryption -- Authentication -- Client-side certificates -- EAP-TLS -- Unique system check -- Wireless segmentation -- Wireless network integration -- Wireless network intrusion prevention -- Summary -- 8. The Human Element of Security -- Social engineering -- Electronic communication methods -- Spam e-mail -- Key indicators of a spam e-mail -- Mitigating spam and e-mail threats -- Social media -- Mitigating social media threats -- In-person methods -- Mitigating in-person social engineering -- Phone methods -- Mitigating phone methods -- Business networking sites -- Mitigating business networking site attacks -- Job posting sites -- Mitigating job posting-based attacks -- Security awareness training -- Training materials -- Computer-based training -- Classroom training -- Associate surveys -- Common knowledge -- Specialized material.

Effective training -- Continued education and checks -- Access denied - enforcing least privilege -- Administrator access -- System administrator -- Data administrator -- Application administrator -- Physical security -- Summary -- 9. Security Monitoring -- Monitoring strategies -- Monitoring based on trust models -- Data monitoring -- Process monitoring -- Application monitoring -- User monitoring -- Monitoring based on network boundary -- Monitoring based on network segment -- Privileged user access -- Privileged data access -- Privileged system access -- Privileged application access -- Systems monitoring -- Operating system monitoring -- Host-based intrusion detection system -- Network security monitoring -- Next-generation firewalls -- Data loss prevention -- Malware detection and analysis -- Intrusion prevention -- Security Information and Event Management -- Predictive behavioral analysis -- Summary -- 10. Managing Security Incidents -- Defining a security incident -- Security event versus security incident -- Developing supporting processes -- Security incident detection and determination -- Physical security incidents -- Network-based security incidents -- Incident management -- Getting enterprise support -- Building the incident response team -- Roles -- Desktop support -- Systems support -- Applications support -- Database support -- Network support -- Information security -- HR, legal, and public relations -- Responsibilities -- Expected response times -- Incident response contacts -- Supporting procedures -- A quick note on forensics -- Developing the incident response plan -- Taking action -- Incident reporting -- Incident response -- In-house incident response -- Contracted incident response -- Summary -- A. Applying Trust Models to Develop a Security Architecture -- Encrypted file transfer (external) -- External user.

Internal user.
Abstract:
A guide to applying data-centric security concepts for securing enterprise data to enable an agile enterprise.
Local Note:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.