Proactive Security Management - Large Enterprise Business - HP
Proactive Security Management - Large Enterprise Business - HP
Proactive Security Management - Large Enterprise Business - HP
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
methods, technologies, and services that focus on fixing vulnerabilities before an attack can exploit them.<br />
Preventing a security breach makes it easier to maintain business functions compared to when a business<br />
is recovering from a successful attack. Prevention is accomplished through the ongoing management<br />
of threats and vulnerabilities to the IT infrastructure.<br />
Responding to Changing <strong>Business</strong> Models and Threats<br />
Once a security infrastructure is in place, it must have the ability to adapt to changes in business models<br />
and the various threats that emerge. <strong>Business</strong> model changes can come from organizational changes such<br />
as reorganizations or mergers. For example, the requirements of proactive security management during<br />
a merger might include integrating different security technologies like intrusion prevention systems, and<br />
managing employee privilege and authority changes. These transitions must happen quickly, and security<br />
management capabilities must be efficient.<br />
The threat of attack from criminals, insiders, worms, and viruses is much more unpredictable than changing<br />
business models, and the threat environment has shown an increase in the speed and complexity of attacks.<br />
The implications for proactive security management include the need for capabilities that can integrate new<br />
security technologies and tightly link them with asset, patch, and configuration management systems.<br />
Integrating With IT <strong>Management</strong><br />
Distinct security technologies and processes are specific to IT security. These include functional security<br />
technologies such as authentication methods (for example, passwords, tokens, and biometrics), encryption<br />
methods and encryption key management systems, and firewall systems. Along with security technologies,<br />
a number of IT technologies and processes play a significant role in the total security management picture.<br />
For example, proactive security management depends on IT workflow systems, trouble ticketing systems,<br />
and patch management systems (for testing and applying security-related patches). Having a security<br />
operations center that is separate from a network operations center can lead to security decisions that are<br />
made without regard to business impact. For example, what if a security decision shut down a vulnerable<br />
server that the network operations people were using to handle overflow order traffic? <strong>Proactive</strong><br />
security management impacts and depends on IT management.<br />
Maintaining Acceptable <strong>Security</strong> and Risk Levels<br />
Perfect security is an impossibility, and experts recommend spending only as much money as necessary to<br />
obtain the appropriate level of protection. The common question is, How much security is enough?<br />
The answer is: it depends. It depends on the result of a risk calculation that factors in the value of the<br />
protected assets, the threats against those assets, and the vulnerabilities. <strong>Security</strong> management, in one<br />
sense, becomes a tool for managing risk. Maintaining an acceptable level of risk is the highest-level<br />
business goal for proactive security management. The acceptable level of risk, however, varies for<br />
industries, organizations, and companies, and a functional proactive security management solution provides<br />
the correct levels of confidentiality, integrity, and availability to meet the acceptable level of risk.<br />
Purpose<br />
The purpose of proactive security management is to protect assets, enable business processes, and drive<br />
costs down. The factors that drive the need for proactive security management include:<br />
• Protecting against increasing threats<br />
• Enabling changing trust models<br />
• Combating increasing process complexity and related expense<br />
• Complying with changing regulations<br />
<strong>Proactive</strong> <strong>Security</strong><br />
<strong>Management</strong><br />
3–3