Enterprise Security: A Data-Centric Approach to Securing the Enterprise. A guide to applying data-centric security concepts for securing enterprise data to enable an agile enterprise - Eлектронна книга - Aaron Woody - Cучасна освітня платформа

Категорії

Деталі електронної книги

Увійти, Якщо вас цікавить зміст видання.

Enterprise Security: A Data-Centric Approach to Securing the Enterprise. A guide to applying data-centric security concepts for securing enterprise data to enable an agile enterprise

Aaron Woody

Eлектронна книга

Enterprise security redefined using a data-centric approach and trust models to transform information security into a business enablement process. It is a unique and forward thinking approach for deciding the best method to secure data in the enterprise, the cloud, and in BYOD environments.Enterprise Security: A Data-Centric Approach to Securing the Enterprise will guide you through redefining your security architecture to be more affective and turn information security into a business enablement process rather than a roadblock. This book will provide you with the areas where security must focus to ensure end-to-end security throughout the enterprise-supporting enterprise initiatives such as cloud and BYOD. Enterprise Security: A Data-Centric Approach to Securing the Enterprise will first introduce the reader to a new security architecture model and then explores the must have security methods and new tools that can used to secure the enterprise.This book will take a data-centric approach to securing the enterprise through the concept of Trust Models and building a layered security implementation focused on data. This is not your traditional security book focused on point solutions and the network aspect of security. This book combines best practice methods with new methods to approach enterprise security and how to remain agile as the enterprise demands more access to data from traditionally untrusted assets, hosted solutions, and third parties. Applied Information Security - A Data-Centric Approach to Securing the Enterprise will provide the reader an easy-to-follow flow from architecture to implementation, diagrams and recommended steps, and resources for further research and solution evaluation.This book is a reference and guide for all levels of enterprise security programs that have realized that non-data centric security is no longer practical and new methods must be used to secure the most critical assets in the enterprise.

Enterprise Security: A Data-Centric Approach to Securing the Enterprise
- Table of Contents
- Enterprise Security: A Data-Centric Approach to Securing the Enterprise
- Credits
- About the Author
- About the Reviewers
- www.packtpub.com
  - Support files, e-books, discount offers, and more
    - Why Subscribe?
    - Free Access for Packt account holders
    - Instant Updates on New Packt Books
- Preface
  - What this book covers
  - Who this book is for
  - Conventions
  - Reader feedback
  - Customer support
    - Errata
    - Piracy
    - Questions
- 1. Enterprise Security Overview
  - The façade of enterprise security
    - The history and making of the façade
    - Our current approach to security
      - Security architecture 101
      - A new approach to security
  - Enterprise security pitfalls
    - Shortcomings of the current security architecture
    - Communicating information security
    - The cost of information security
    - The conflicting message of enterprise security
    - Proving a negative
  - The road map to securing the enterprise
    - Road map components
      - Defining users
      - Defining applications
      - Defining data
      - Defining roles
      - Defining processes
      - Defining policies and standards
      - Defining network infrastructure
      - Defining application security architecture
  - Summary
- 2. Security Architectures
  - Redefining the network edge
    - Drivers for redefinition
      - Feature-rich web applications
      - Business partner access
      - Miscellaneous third-party services
      - Cloud initiatives
  - Security architecture models
    - Defining the building blocks of trust models
      - Defining data in a trust model
        
        Data locations
        
        Data types
      - Defining processes in a trust model
      - Defining applications in a trust model
      - Defining users in a trust model
      - Defining roles in a trust model
      - Defining policies and standards
    - Enterprise trust models
      - Application user (external)
      - Application owner (business partner)
      - System owner (contractor)
      - Data owner (internal)
      - Automation
    - Micro architectures
    - Data risk-centric architectures
    - BYOD initiatives
      - Bring your own mobile device
      - Bring your own PC
  - Summary
- 3. Security As a Process
  - Risk analysis
    - What is risk analysis?
      - Assessing threats
      - Assessing impact
      - Assessing probability
      - Assessing risk
        
        Qualitative risk analysis
        
        Qualitative risk analysis exercise
        
        Quantitative risk analysis
        
        Quantitative risk analysis exercise
    - Applying risk analysis to trust models
    - Deciding on a risk analysis methodology
    - Other thoughts on risk and new enterprise endeavors
  - Security policies and standards
    - Policy versus standard
      - A quick note on wording
    - Understanding security policy development
    - Common IT security policies
      - Information security policy
      - Acceptable use policy
      - Technology use policy
      - Remote access policy
      - Data classification policy
      - Data handling policy
      - Data retention policy
      - Data destruction policy
    - Policies for emerging technologies
      - Policy considerations
      - Emerging technology challenges
    - Developing enterprise security standards
      - Common IT security standards
        
        Wireless network security standard
        
        Trust model building block for wireless network security standard
        
        Applying trust models to develop standards
        
        Enterprise monitoring standard
        
        Enterprise encryption standard
        
        System hardening standard
  - Security exceptions
  - Security review of changes
    - Perimeter security changes
    - Data access changes
    - Network architectural changes
  - Summary
- 4. Securing the Network
  - Overview
  - Next generation firewalls
    - Benefits of NGFW technology
      - Application awareness
      - Intrusion prevention
      - Advanced malware mitigation
  - Intrusion detection and prevention
    - Intrusion detection
    - Intrusion prevention
    - Detection methods
      - Behavioral analysis
      - Anomaly detection
      - Signature-based detection
  - Advanced persistent threat detection and mitigation
  - Securing network services
    - DNS
      - DNS resolution
      - DNS zone transfer
      - DNS records
      - DNSSEC
    - E-mail
      - SPAM filtering
        
        SPAM filtering in the cloud
        
        Local SPAM filtering
      - SPAM relaying
    - File transfer
      - Implementation considerations
        
        Secure file transfer protocols
        
        User authentication
    - User Internet access
    - Websites
      - Secure coding
      - Next generation firewalls
      - IPS
      - Web application firewall
  - Network segmentation
    - Network segmentation strategy
      - Asset identification
      - Security mechanisms
  - Applying security architecture to the network
    - Security architecture in the DMZ
    - Security architecture in the internal network
    - Security architecture and internal segmentation
  - Summary
- 5. Securing Systems
  - System classification
    - Implementation considerations
    - System management
      - Asset inventory labels
      - System patching
  - File integrity monitoring
    - Implementation considerations
    - Implementing FIM
      - Real-time FIM
      - Manual mode FIM
  - Application whitelisting
    - Implementation considerations
  - Host-based intrusion prevention system
    - Implementation considerations
  - Host firewall
    - Implementation considerations
  - Anti-virus
    - Signature-based anti-virus
    - Heuristic anti-virus
    - Implementation considerations
  - User account management
    - User roles and permissions
    - User account auditing
  - Policy enforcement
  - Summary
- 6. Securing Enterprise Data
  - Data classification
    - Identifying enterprise data
      - Data types
      - Data locations
      - Automating discovery
      - Assign data owners
    - Assign data classification
  - Data Loss Prevention
    - Data in storage
    - Data in use
    - Data in transit
    - DLP implementation
      - DLP Network
      - DLP E-mail and Web
      - DLP Discover
      - DLP Endpoint
  - Encryption and hashing
    - Encryption and hashing explained
      - Encryption
      - Encrypting data at rest
        
        Database encryption
        
        The need for database encryption
        
        Methods of database encryption
        
        Application encryption
        
        Selective database encryption
        
        Complete database encryption
        
        Tokenization
        
        File share encryption
      - Encrypting data in use
      - Encrypting data in transit
  - Tokenization
  - Data masking
  - Authorization
  - Developing supporting processes
  - Summary
- 7. Wireless Network Security
  - Security and wireless networks
  - Securing wireless networks
    - A quick note on SSID cloaking and MAC filtering
    - Wireless authentication
      - Using shared key
        
        Caveats of shared key implementation
      - Using IEEE 802.1X
        
        Caveats of 802.1X implementation
    - Wireless encryption
      - WEP
      - WPA
      - WPA2
  - Wireless network implementation
    - Wireless signal considerations
    - End system configuration
    - Wireless encryption and authentication recommendations
      - Encryption
      - Authentication
      - Client-side certificates
      - EAP-TLS
      - Unique system check
  - Wireless segmentation
    - Wireless network integration
  - Wireless network intrusion prevention
  - Summary
- 8. The Human Element of Security
  - Social engineering
    - Electronic communication methods
      - Spam e-mail
        
        Key indicators of a spam e-mail
        
        Mitigating spam and e-mail threats
      - Social media
        
        Mitigating social media threats
    - In-person methods
      - Mitigating in-person social engineering
    - Phone methods
      - Mitigating phone methods
    - Business networking sites
      - Mitigating business networking site attacks
    - Job posting sites
      - Mitigating job posting-based attacks
  - Security awareness training
    - Training materials
      - Computer-based training
      - Classroom training
      - Associate surveys
    - Common knowledge
    - Specialized material
    - Effective training
    - Continued education and checks
  - Access denied enforcing least privilege
    - Administrator access
      - System administrator
      - Data administrator
      - Application administrator
  - Physical security
  - Summary
- 9. Security Monitoring
  - Monitoring strategies
    - Monitoring based on trust models
      - Data monitoring
      - Process monitoring
      - Application monitoring
      - User monitoring
    - Monitoring based on network boundary
    - Monitoring based on network segment
  - Privileged user access
    - Privileged data access
    - Privileged system access
    - Privileged application access
  - Systems monitoring
    - Operating system monitoring
    - Host-based intrusion detection system
  - Network security monitoring
    - Next-generation firewalls
    - Data loss prevention
    - Malware detection and analysis
    - Intrusion prevention
  - Security Information and Event Management
  - Predictive behavioral analysis
  - Summary
- 10. Managing Security Incidents
  - Defining a security incident
    - Security event versus security incident
  - Developing supporting processes
    - Security incident detection and determination
      - Physical security incidents
      - Network-based security incidents
    - Incident management
  - Getting enterprise support
  - Building the incident response team
    - Roles
      - Desktop support
      - Systems support
      - Applications support
      - Database support
      - Network support
      - Information security
    - HR, legal, and public relations
    - Responsibilities
    - Expected response times
    - Incident response contacts
    - Supporting procedures
      - A quick note on forensics
  - Developing the incident response plan
  - Taking action
    - Incident reporting
    - Incident response
    - In-house incident response
    - Contracted incident response
  - Summary
- A. Applying Trust Models to Develop a Security Architectuture
  - Encrypted file transfer (external)
    - External user
    - Internal user
    - Data owner
    - Automation
- B. Risk Analysis, Policy and Standard, and System Hardening Resources
  - Risk analysis resources
  - Policy and standard resources
  - System hardening resources
- C. Security Tools List
  - Tools for securing the network
  - Tools for securing systems
  - Tools for securing data
  - Tools for security monitoring
  - Tools for testing security
  - Tools for vulnerability scanning
- D. Security Awareness Resources
  - General presentation and training
  - Social engineering
  - Security awareness materials
  - Safe and secure computing resources
- E. Security Incident Response Resources
  - Building a CSIRT team
  - Incident response process
  - An example of incident response process flow
  - A sample incident response report form
  - A sample incident response form
- Index

Назва: Enterprise Security: A Data-Centric Approach to Securing the Enterprise. A guide to applying data-centric security concepts for securing enterprise data to enable an agile enterprise
Автор: Aaron Woody
Оригінальна назва: Enterprise Security: A Data-Centric Approach to Securing the Enterprise. A guide to applying data-centric security concepts for securing enterprise data to enable an agile enterprise
ISBN: 9781849685979, 9781849685979
Дата видання: 2013-02-22
Формат: Eлектронна книга
Ідентифікатор видання: e_3ass
Видавець: Packt Publishing

Виберіть мову

Категорії

Деталі електронної книги