Enterprise Security: A Data-Centric Approach to Securing the Enterprise


Formats: PDF, PacktLib, ePub and Mobi formats
  • Learn sample forms and process flows for quick and easy use
  • An easy-to-follow reference for implementing information security in the enterprise
  • Learn enterprise information security challenges and roadmap to success

Book Details

Language : English
Paperback : 324 pages [ 235mm x 191mm ]
Release Date : February 2013
ISBN : 1849685967
ISBN 13 : 9781849685962
Author(s) : Aaron Woody
Topics and Technologies : All Books, Networking and Servers, Architecture & Analysis, Enterprise

Table of Contents

Preface
Chapter 1: Enterprise Security Overview
Chapter 2: Security Architectures
Chapter 3: Security As a Process
Chapter 4: Securing the Network
Chapter 5: Securing Systems
Chapter 6: Securing Enterprise Data
Chapter 7: Wireless Network Security
Chapter 8: The Human Element of Security
Chapter 9: Security Monitoring
Chapter 10: Managing Security Incidents
Appendix A: Applying Trust Models to Develop a Security Architecture
Appendix B: Risk Analysis, Policy and Standard, and System Hardening Resources
Appendix C: Security Tools List
Appendix D: Security Awareness Resources
Appendix E: Security Incident Response Resources
Index
  • Chapter 1: Enterprise Security Overview
    • The façade of enterprise security
      • The history and making of the façade
      • Our current approach to security
        • Security architecture 101
        • A new approach to security
    • Enterprise security pitfalls
      • Shortcomings of the current security architecture
      • Communicating information security
      • The cost of information security
      • The conflicting message of enterprise security
      • Proving a negative
    • The road map to securing the enterprise
      • Road map components
        • Defining users
        • Defining applications
        • Defining data
        • Defining roles
        • Defining processes
        • Defining policies and standards
        • Defining network infrastructure
        • Defining application security architecture
    • Summary
  • Chapter 2: Security Architectures
    • Redefining the network edge
      • Drivers for redefinition
        • Feature-rich web applications
        • Business partner access
        • Miscellaneous third-party services
        • Cloud initiatives
    • Security architecture models
      • Defining the building blocks of trust models
        • Defining data in a trust model
        • Defining processes in a trust model
        • Defining applications in a trust model
        • Defining users in a trust model
        • Defining roles in a trust model
        • Defining policies and standards
      • Enterprise trust models
        • Application user (external)
        • Application owner (business partner)
        • System owner (contractor)
        • Data owner (internal)
        • Automation
      • Micro architectures
      • Data risk-centric architectures
      • BYOD initiatives
        • Bring your own mobile device
        • Bring your own PC
    • Summary
  • Chapter 3: Security As a Process
    • Risk analysis
      • What is risk analysis?
        • Assessing threats
        • Assessing impact
        • Assessing probability
        • Assessing risk
      • Applying risk analysis to trust models
      • Deciding on a risk analysis methodology
      • Other thoughts on risk and new enterprise endeavors
    • Security policies and standards
      • Policy versus standard
        • A quick note on wording
      • Understanding security policy development
      • Common IT security policies
        • Information security policy
        • Acceptable use policy
        • Technology use policy
        • Remote access policy
        • Data classification policy
        • Data handling policy
        • Data retention policy
        • Data destruction policy
      • Policies for emerging technologies
        • Policy considerations
        • Emerging technology challenges
      • Developing enterprise security standards
        • Common IT security standards
    • Security exceptions
    • Security review of changes
      • Perimeter security changes
      • Data access changes
      • Network architectural changes
    • Summary
  • Chapter 4: Securing the Network
    • Overview
    • Next generation firewalls
      • Benefits of NGFW technology
        • Application awareness
        • Intrusion prevention
        • Advanced malware mitigation
    • Intrusion detection and prevention
      • Intrusion detection
      • Intrusion prevention
      • Detection methods
        • Behavioral analysis
        • Anomaly detection
        • Signature-based detection
    • Advanced persistent threat detection and mitigation
    • Securing network services
      • DNS
        • DNS resolution
        • DNS zone transfer
        • DNS records
        • DNSSEC
      • E-mail
        • SPAM filtering
        • SPAM relaying
      • File transfer
        • Implementation considerations
      • User Internet access
      • Websites
        • Secure coding
        • Next generation firewalls
        • IPS
        • Web application firewall
    • Network segmentation
      • Network segmentation strategy
        • Asset identification
        • Security mechanisms
    • Applying security architecture to the network
      • Security architecture in the DMZ
      • Security architecture in the internal network
      • Security architecture and internal segmentation
    • Summary
  • Chapter 5: Securing Systems
    • System classification
      • Implementation considerations
      • System management
        • Asset inventory labels
        • System patching
    • File integrity monitoring
      • Implementation considerations
      • Implementing FIM
        • Real-time FIM
        • Manual mode FIM
    • Application whitelisting
      • Implementation considerations
    • Host-based intrusion prevention system
      • Implementation considerations
    • Host firewall
      • Implementation considerations
    • Anti-virus
      • Signature-based anti-virus
      • Heuristic anti-virus
      • Implementation considerations
    • User account management
      • User roles and permissions
      • User account auditing
    • Policy enforcement
    • Summary
  • Chapter 6: Securing Enterprise Data
    • Data classification
      • Identifying enterprise data
        • Data types
        • Data locations
        • Automating discovery
        • Assign data owners
      • Assign data classification
    • Data Loss Prevention
      • Data in storage
      • Data in use
      • Data in transit
      • DLP implementation
        • DLP Network
        • DLP E-mail and Web
        • DLP Discover
        • DLP Endpoint
    • Encryption and hashing
      • Encryption and hashing explained
        • Encryption
        • Encrypting data at rest
        • Encrypting data in use
        • Encrypting data in transit
    • Tokenization
    • Data masking
    • Authorization
    • Developing supporting processes
    • Summary
  • Chapter 7: Wireless Network Security
    • Security and wireless networks
    • Securing wireless networks
      • A quick note on SSID cloaking and MAC filtering
      • Wireless authentication
        • Using shared key
        • Using IEEE 802.1X
      • Wireless encryption
        • WEP
        • WPA
        • WPA2
    • Wireless network implementation
      • Wireless signal considerations
      • End system configuration
      • Wireless encryption and authentication recommendations
        • Encryption
        • Authentication
        • Client-side certificates
        • EAP-TLS
        • Unique system check
    • Wireless segmentation
      • Wireless network integration
    • Wireless network intrusion prevention
    • Summary
  • Chapter 8: The Human Element of Security
    • Social engineering
      • Electronic communication methods
        • Spam e-mail
        • Social media
      • In-person methods
        • Mitigating in-person social engineering
      • Phone methods
        • Mitigating phone methods
      • Business networking sites
        • Mitigating business networking site attacks
      • Job posting sites
        • Mitigating job posting-based attacks
    • Security awareness training
      • Training materials
        • Computer-based training
        • Classroom training
        • Associate surveys
      • Common knowledge
      • Specialized material
      • Effective training
      • Continued education and checks
    • Access denied – enforcing least privilege
      • Administrator access
        • System administrator
        • Data administrator
        • Application administrator
    • Physical security
    • Summary
  • Chapter 9: Security Monitoring
    • Monitoring strategies
      • Monitoring based on trust models
        • Data monitoring
        • Process monitoring
        • Application monitoring
        • User monitoring
      • Monitoring based on network boundary
      • Monitoring based on network segment
    • Privileged user access
      • Privileged data access
      • Privileged system access
      • Privileged application access
    • Systems monitoring
      • Operating system monitoring
      • Host-based intrusion detection system
    • Network security monitoring
      • Next-generation firewalls
      • Data loss prevention
      • Malware detection and analysis
      • Intrusion prevention
    • Security Information and Event Management
    • Predictive behavioral analysis
    • Summary
  • Chapter 10: Managing Security Incidents
    • Defining a security incident
      • Security event versus security incident
    • Developing supporting processes
      • Security incident detection and determination
        • Physical security incidents
        • Network-based security incidents
      • Incident management
    • Getting enterprise support
    • Building the incident response team
      • Roles
        • Desktop support
        • Systems support
        • Applications support
        • Database support
        • Network support
        • Information security
      • HR, legal, and public relations
      • Responsibilities
      • Expected response times
      • Incident response contacts
      • Supporting procedures
        • A quick note on forensics
    • Developing the incident response plan
    • Taking action
      • Incident reporting
      • Incident response
      • In-house incident response
      • Contracted incident response
    • Summary
  • Appendix C: Security Tools List
    • Tools for securing the network
    • Tools for securing systems
    • Tools for securing data
    • Tools for security monitoring
    • Tools for testing security
    • Tools for vulnerability scanning

Aaron Woody

Aaron Woody is an expert in information security with over 15 years of experience across several industry verticals. His experience includes securing some of the largest enterprises in the world. Currently, he is a Security Consultant in the public sector. He is also a speaker and active instructor teaching hacking and forensics, and maintains a blog at n00bpentesting.com. Aaron can also be followed on Twitter at @shai_saint. He will be launching a companion website (http://www.datacentricsec.com) for this book. To contact him for consulting, please e-mail him at aaron.m.woody@gmail.com.

What you will learn from this book

  • Enterprise information security challenges and roadmap to success
  • Data-centric security architecture
  • Applying security through policies, standards, and processes
  • Basics of risk analysis, deciding what is valuable and needs to be secured
  • Layered security approach from data to network edge
  • Securing wireless implementations
  • Managing the human element of security through awareness
  • Security monitoring and incident management
  • Learn sample forms and process flows for quick and easy use

In Detail

Enterprise security redefined using a data-centric approach and trust models to transform information security into a business enablement process. It is a unique and forward-thinking approach for deciding the best method to secure data in the enterprise, the cloud, and in BYOD environments.

"Enterprise Security: A Data-Centric Approach to Securing the Enterprise" will guide you through redefining your security architecture to be more effective and turn information security into a business enablement process rather than a roadblock. This book will provide you with the areas where security must focus to ensure end-to-end security throughout the enterprise, supporting enterprise initiatives such as cloud and BYOD.

"Enterprise Security: A Data-Centric Approach to Securing the Enterprise" will first introduce the reader to a new security architecture model and then explore the must-have security methods and new tools that can be used to secure the enterprise.

This book will take a data-centric approach to securing the enterprise through the concept of Trust Models and building a layered security implementation focused on data. This is not your traditional security book focused on point solutions and the network aspect of security.

This book combines best practice methods with new methods to approach enterprise security and how to remain agile as the enterprise demands more access to data from traditionally untrusted assets, hosted solutions, and third parties. Applied Information Security - A Data-Centric Approach to Securing the Enterprise will provide the reader an easy-to-follow flow from architecture to implementation, diagrams and recommended steps, and resources for further research and solution evaluation.

This book is a reference and guide for all levels of enterprise security programs that have realized that non-data-centric security is no longer practical and new methods must be used to secure the most critical assets in the enterprise.

Approach

It’s a reference guide to enterprise security programs.

Who this book is for

This book is intended for IT security staff, from beginner to expert, but would also be a valuable resource for other IT functions such as IT compliance, IT operations, and executives responsible for managing IT and information security. Understanding the principles in this book is important for decision makers as new business models are developed and enterprise security must keep up to reduce risk and secure critical enterprise assets and data.
