Definition of Enterprise Security
Enterprise security is the process of securing a corporations' infrastructure and information.
|
|
Enterprise Security
|
|
Case Study in Developing Fault Tolerant and Highly Available Systems with Secure Zones of Protection
Process Control is the part of a company that controls the critical processes that company operations are dependent upon. It is part of the critical infrastructure of the company and the clients that it serves. Various parameters, status and measured values are constantly queried via Supervisory Control and Data Acquisition, (SCADA), to control the process. Legacy mainframe systems that housed the Process Control System, (PCS), became too cumbersome and expensive to maintain prompting the move to a distributed 24X7 architecture. The distribution of process control, monitoring and alerting functions to various Unix and Windows servers via network connected devices forced us to realize that we were no longer isolated from the "world" and that securing our networks became objective number one. This paper will discuss the processes and actions taken to provide 24X7 fault tolerant and highly available systems with physical as well as cyber security in the forefront.
Read the Article
|
How to Identify and "Contain" Some of the Information Security Problems Created by Unique Business Environments
A university setting will be used to illustrate this idea, that an organization is characterized by its business environment. Several aspects of the university's business environment are unique only to universities. One such aspect to be explored in detail is the effect of the student user group within the environment and the problems they can create for information security initiatives. In order to contain the problems within this environment an analysis of the student user is necessary. What qualifies an individual to write on this subject? In my case experience is my primary qualification. I've spent the last five and half years in the same university environment. The first four years, as a business school undergraduate student, I did almost everything imaginable to make information security workers cringe.
Read the Article
|
Information Assurance at the PC Level
This paper contemplates a bottom up approach to information security, where attention is given to information assurance at the PC level initially, rather than as an after thought. Information assurance for an individual PC is examined within the context of threat vectors, with an emphasis on risk mitigation and how to achieve it. Basic security measures are enumerated for each threat vector with a "how to" approach.
Read the Article
|
Security-What Does
A large part of the technology industry is concerned with information security and trustworthy computing, and the purpose of this paper is to determine how the infrastructure and relationship between trust and security has evolved in technology. The growth of the internet and its underlying technology and applications give all of us greater functionality. Identity theft and other vulnerabilities have been exploited in the past and continue in the present, and despite greater technology, will be here in the future. While we strive to minimize the risk we face in protecting our security; in the form of Confidentiality-Integrity-Availabilty we will see what Trust has to do with it.
Read the Article
|
Three Defenses to a Secure System: Virus Scanning, Applying Patches and System Monitoring
The purpose of this paper is to share with other system administrators the "how to" on tools that can be used for basic security configuration. Most of the documentation on securing windows systems that I initially found was very general in terms. For example, apply patches to the operating system. That is a great idea but how to get started and use available tools to streamline the process is just as important. After some research I have found that Microsoft has specific tools to determine what patches you need and how to apply them a bit more streamlined and automatic using tools to begin the layers of security in a Windows environment. This document describes issues to consider when setting up virus scanning software, using Microsoft tools to make patching operating systems easier, and a few specific tools that you can use to benchmark or monitor your operating system that might help you spot those abnormalities that should not be there.
Read the Article
|
Tightening Site Access
Let me begin by stating up front, "I am not a security specialist". I am an administrator looking after a small site who has an interest in obtaining a reasonable level of proficiency in security. Why the interest? Well there are two reasons. The first is that in order for the Internet to fulfill its utopian promise people need to feel confident about performing their daily business using the medium. That means that all of us in the IT business are going to have to play our part in improving the day to day security, including administrators of small sites. Although it is highly unlikely we would be targeted directly we could quite easily fall to "cyber vandals" or groups wishing to use us as a staging post in attacks against other sites. The second reason is more personal.
Read the Article
|
Help we just fired our only IT person!
You are sitting at your desk when the call comes in from a business acquaintance asking for help because they just fired their only IT person "for very good cause". As you ask questions, you realize that your acquaintance has a real problem. You find out that there is no documentation, no knowledge of passwords, critical applications are exposed to the Internet, users are unhappy and they don't know where to start. Your business has provide services to them before and writing a new contract is not an issue. How do you start? Once onsite, you try to get a snapshot of the situation at a high level. Sit down with the contact and work through the issues to get a deeper understanding of the hot buttons. Look for their immediate exposures, develop an understanding of the corporate culture, map out a plan of attack and start securing the infrastructure. Some things should be obvious like changing passwords. Others are a little more obscure, like finding hidden remote access servers.
Read the Article
|
RBAC In The Real World
In the computer industry, access control refers to managing the ability for people to access computers and computer resources. Access control should enhance security without hindering someone from performing his or her job in the organization. There are three different types of access control models: mandatory access control, discretionary access control and non-discretionary access control. Discretionary access control is based on a user's access needs. A system administrator provides access to an object based on a user's need and the user then has the discretion as to whether to pass on this access to other user's or not. Mandatory access control is more restrictive and is normally used in military systems. With mandatory access, all objects and users in the system are assigned a label. A user can only access an object based on the permissions of the label assigned to him/her. Non-discretionary access control is based on roles. Privileges are granted based on a user's role.
Read the Article
|
Protecting Your Internal Systems from a Compromised Host
The concept for this paper came from a recent incident when one of our customer machines was compromised. It is designed to cover some additional aspects of systems security and design, which I believe have been ignored to some extent in the Security Essentials material and most systems admin courses. At some stage you must concede that a system will be compromised and as such being located in a trusted or semi-trusted position on the network an effort must be made to minimize the impact and also identify the problem as soon as possible. The content of this paper has been kept brief and covered areas that have not really been emphasised enough and fall victim to lazy system management. A number of other areas like systems resource monitoring, systems file access and protection, and user management issues are generally well covered in standard system administration courses and guides and are not mentioned in the paper.
Read the Article
|
Network Security Concepts and Essentials: A University Overview
Using my experience from working at an Australian university, I will discuss how the number of internal and external threats is increasing and providing intruders with a vast array of "ways to compromise university machines." A network can be defined as two or more computers connected together so they can share resources easily and with high reliability. They can also provide cost saving benefits to companies. Joining two or more networks together is known as internetworking. This means that the Internet is just an internetwork - a collection of interconnected networks. This paper presents a description of the major internal and external threats, along with their remedies. The target audience is any company that has a presence on the Internet.
Read the Article
|
|
|
Page: 1 2 3 4 5 6 7 8 9 10 11
Members currently browsing this category:
|
|
