Computer Security Analysis Security Analysis Managing Security Essay


Managing security strategies for an enterprise requires intensive planning and integration across each functional area, together with synchronization across departments, business units and divisions (Bellone, de Basquiat, Rodriguez, 2008). Enterprise Security Management strategies continue to become part of the overall strategic plans of an enterprise, supporting each strategic initiative and its related tactics to ensure profitable growth (Bellone, de Basquiat, Rodriguez, 2008). This analysis covers intrusion detection, web security, deterring and defeating hackers, and the development and execution of an effective security strategic plan.

Defining A Framework for Enterprise Security Management

Developing an effective framework for managing security needs to begin with an analysis of an organization's overall data availability, confidentiality and integrity needs (Bellone, de Basquiat, Rodriguez, 2008). This is often defined as an Information Security Management System (ISMS) strategic plan or initiative, as it seeks to synchronize security across all functional areas and systems. A successful ISMS implementation will be agile enough to respond to the needs of the organization for data access across all supported channels...

When the strategic role of security is taken into account in conjunction with the overarching needs for role-based data access, the Confidentiality, Integrity and Availability (CIA) Model takes shape and delivers the framework needed to make security a core part of any strategic plan (Bellone, de Basquiat, Rodriguez, 2008). Figure 1, The Building Blocks of a Successful ISMS Implementation, illustrates the concepts of this model. It also highlights how each must be balanced from a system standpoint in order to be effective.

Figure 1: The Building Blocks of a Successful ISMS Implementation

Source: (Bellone, de Basquiat, Rodriguez, 2008)

This model is often supplemented with more role-based analysis that denotes the processes and procedures of employees who need access to secured information to do their jobs. The following human-in-the-loop framework illustrates this concept (Cranor, 2008).

Figure 2: Human-in-the-Loop Security Framework

Source: (Cranor, 2008)

Using these frameworks as the basis of evaluating security strategies and defining anti-intrusion system fixes while re-architecting key integration points to make them secure is one of…

References

Bellone, J., de Basquiat, S., Rodriguez, J. (2008) Reaching escape velocity: A practiced approach to information security management system implementation. Information Management & Computer Security 16, no. 1 (January 1): 49-57.

Cranor, L. (2008) A Framework for Reasoning About the Human in the Loop. Retrieved on June 10, 2011 from http://www.usenix.org/events/upsec08/tech/full_papers/cranor/cranor.pdf

DiBattiste, C. (2009) Privacy and Information Security 101: Have a plan. Information Security Best Practices 2009 conference archive. The Wharton School, University of Pennsylvania, Zicklin Center for Business Ethics Research. Retrieved on July 26, 2010 from http://technopolity.editme.com/files/isbp2009talks/DiBattiste-summary.doc

Miller, M. (2005) Computer Security: Fact Forum Framework. Retrieved on July 26, 2010 from http://www.caplet.com/security/taxonomy/index.html