Best Practices for Enterprise Security

Data and transaction security is of paramount importance in this age of rapidly expanding commercial and government computer networks and the emerging Internet economy. The inherent challenges of the security issue have become a top priority in every company that makes use of information technology.

The term computer security is a generalization for a collection of technologies that perform specific tasks related to data security. Using these technologies effectively to secure a corporate network requires that they be integrated into an overall security plan. The planning process for their proper implementation involves:

1. Gaining a detailed understanding of the potential environmental risks (for example, viruses, hackers, and natural disasters).

2. Making a proactive analysis of the consequences of and countermeasures to security breaches in relation to risks.

3. Creating a carefully planned implementation strategy for integrating security measures into all aspects of an enterprise network, based on this understanding and analysis.

Best Practices for Enterprise Security is a collection of white papers focusing on the different aspects of security in enterprise networks. The white papers are grouped into three general categories that reflect the different levels of knowledge needed to create and implement a successful security concept. The structure also allows readers to approach the subject of security based on their individual areas of expertise and interest. The levels and links to their corresponding papers are:

Security backgrounders . Papers that provide an understanding of security-based issues and countermeasures that are independent of technology.

• Security Threats

• Security Strategies

• Security Planning

Security primers . A series that begins with a paper describing one example of a security architecture and continues with papers that treat each entity in the architecture separately, discussing how they fit into the architecture as a whole.

• Security Entities Building Block Architecture

• Security Considerations for End Systems

• Security Considerations for Administrative Authority

Security best practices . A final set of papers that discuss a series of real-life scenarios and implemented solutions.

• Data Security and Data Availability in the Administrative Authority

• Name Resolution for Administrative Authority

• IP Security for Local Communication Systems

• Data Security and Data Availability for End Systems

• Monitoring and Auditing for End Systems

These documents should give readers a solid foundation upon which to build their enterprise security strategy.

On This Page

About the Security Entities Building Block Architecture

About the Security Entities Building Block Architecture

The Best Practices for Enterprise Security white papers are based on an approach that considers data security in terms of securing entities of an enterprise. To implement effective security, this approach first considers the entire network structure, and then separates that structure into discrete security entities so that security exposure can be determined and security implemented on each entity. These entities form the basis for the Security Entities Building Block Architecture.

The Security Entities Building Block Architecture divides the security structure of an enterprise into the following entities:

• End systems (computer hardware devices with an operating system)

• Local communication systems (network functionality)

• Administrative authority (centralized security management)

• Private networks (network sharing between companies)

• The Internet

The following picture shows the relation between these entities.

For more information on the Security Entities Building Block Architecture, please see Security Entities Building Block Architecture, a security primer in the Best Practices for Enterprise Security white papers series.