Main Page

From The Secure Arc Wiki

The Secure Arc Mnemonic Password Generator
Secure Arc provide IDM & Security Architecture Consulting Services and Security Tools.

Very few organisations have the resources to achieve absolute security, and when customers are involved there is typically more to be gained from usability, accepting some margin of risk.

Security Architecture is all about weighing up the cost to secure vs the potential cost of a breach.

The key is to identify what you need to protect, where it needs protecting, how much is at stake if it’s compromised and consequently how much you should spend on securing it to reduce the risk.

The processes required to thoroughly achieve this are exhaustive, time consuming and to a large extent require specialist assessment and input.

The Secure Arc Security Reference Architecture, while thorough, is built on a very simple model for laying out an enterprise architecture.

The underlying principle simply requires the architect to “pick a box” for a node and then assess and abide by the rules associated with that decision. Where the rules can’t be adhered to, the associated threats should be identified and assessed.

Logical Zone Model
The Logical Zone Model represents the server and network segmentation created in a typical enterprise architecture. The basic rules define what a node is allowed to communicate with, which can be summarised as “other nodes within the same or adjacent Zones.”

With this model adopted, it is relatively simple to identify where Information Assets are transferred to and from and where they are stored. If it’s sensitive information, it should be stored in the centre-most trusted Zone and the rest of the architecture should be designed to support that. If it must pass through the Staff Intranet it should be thoroughly protected from the risks associated with such an exposure.

This model can be used to identify existing threats in your current architecture as well as provide guidance for new solutions. Both old and new solutions can co-exist and associated threats will be clearly visible and assessable.
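The adjacency rule and the asset-placement rule above can be checked mechanically once each node has been assigned to a zone. The following is an added worked example, not a Secure Arc tool: it assumes the zones form a single ordered ring from the Internet inwards, and every zone name except "Staff Intranet" (the only one named on this page) is a constructed placeholder. Flows that break the rule are reported as findings to be threat-assessed, which is what the model asks for when a rule cannot be adhered to.

```python
from dataclasses import dataclass
from typing import Dict, List, Set

# Concentric zones, outermost (least trusted) first, centre-most (most trusted) last.
# Assumption for this example: only "Staff Intranet" is named on the page; the other
# zone names and the linear ordering are constructed, not the Secure Arc model itself.
ZONES: List[str] = ["Internet", "DMZ", "Staff Intranet", "Application", "Data"]


@dataclass(frozen=True)
class Node:
    name: str
    zone: str


@dataclass(frozen=True)
class Flow:
    src: Node
    dst: Node
    asset: str  # the Information Asset carried by this flow


def zone_index(zone: str) -> int:
    """Position of a zone in the concentric model; raises ValueError for unknown zones."""
    return ZONES.index(zone)


def flow_allowed(src_zone: str, dst_zone: str) -> bool:
    """The basic rule: a node may only communicate with nodes in the same or an adjacent zone."""
    return abs(zone_index(src_zone) - zone_index(dst_zone)) <= 1


def check_flows(flows: List[Flow]) -> List[str]:
    """One finding per flow that crosses non-adjacent zones.

    A finding is not automatically a defect: it marks a deviation whose
    associated threats must be identified and assessed.
    """
    findings = []
    for f in flows:
        if not flow_allowed(f.src.zone, f.dst.zone):
            findings.append(
                f"{f.src.name} ({f.src.zone}) -> {f.dst.name} ({f.dst.zone}) "
                f"carries '{f.asset}' across non-adjacent zones: assess threats"
            )
    return findings


def check_storage(stores: Dict[str, str], sensitive: Set[str]) -> List[str]:
    """Sensitive assets should be stored in the centre-most zone; report any that are not."""
    centre = ZONES[-1]
    return [
        f"sensitive asset '{asset}' stored in {zone}, expected {centre}"
        for asset, zone in stores.items()
        if asset in sensitive and zone != centre
    ]


def asset_exposure(flows: List[Flow], asset: str) -> List[str]:
    """Zones an asset passes through, outermost first.

    If a sensitive asset's path includes 'Staff Intranet', that exposure is
    exactly the case the model says needs additional protection.
    """
    touched = {f.src.zone for f in flows if f.asset == asset}
    touched |= {f.dst.zone for f in flows if f.asset == asset}
    return sorted(touched, key=zone_index)


# Constructed sample architecture (not taken from the page).
web = Node("web-portal", "DMZ")
app = Node("order-service", "Application")
db = Node("customer-db", "Data")
reporting = Node("reporting-ui", "Staff Intranet")

SAMPLE_FLOWS = [
    Flow(web, app, "order"),                    # DMZ -> Application skips a zone: finding
    Flow(app, db, "customer-record"),           # Application -> Data is adjacent: allowed
    Flow(reporting, db, "customer-record"),     # Staff Intranet -> Data skips a zone: finding
]
SAMPLE_STORES = {
    "customer-record": "Data",
    "session-cache": "Staff Intranet",
    "card-number": "Application",               # sensitive but not in the centre zone
}
SENSITIVE = {"customer-record", "card-number"}

if __name__ == "__main__":
    for line in check_flows(SAMPLE_FLOWS) + check_storage(SAMPLE_STORES, SENSITIVE):
        print(line)
    print("customer-record passes through:", asset_exposure(SAMPLE_FLOWS, "customer-record"))
```

Running the script lists the two flows that skip a zone and the one sensitive asset held outside the centre-most zone; each line is an item for a threat assessment rather than a verdict. The same functions can be run against an existing architecture and a proposed one side by side, since both are just lists of nodes, flows and stores.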
