Protecting corporate information and technology
assets from intruders, thieves, and vandals is a significant challenge for most
enterprises. Historically, investments in security technology were made by individual
technology managers and business units in response to the specific threats they
faced. CIOs are now implementing technologies that can support the centralized management
and enforcement of security policy. As a result, the fragmented security market is
coalescing around four primary solution sets: :
- Identity Management
to authorize user access to system resources.
- Vulnerability Management to help uncover and remedy threats early.
- Threat Management to respond to intrusions and attacks on the network.
- Trust Management to securely exchange information over public networks.
Identity Management (IM) solutions are responsible for authenticating and authorizing
the network-based users who need to use online services and resources. Identity
Management solutions generally include:
Provisioning. Provisioning is the process of granting and
revoking the appropriate access
rights and privileges to employees, customers, suppliers, and business partners.
- Web access control. Web
products provide centralized and automated management to validate a user, and then permit
the user to access resources in the environment for which that user has been granted permission.
Single Sign-On authentication. Single Sign-On (SSO) allows a user to log onto every
assigned system that user has access to once, using a single user ID and password combination.
Vulnerability Management helps the enterprise identify vulnerabilities
or weaknesses in the computing environment, and provide the infrastructure to eliminate them.
Vulnerability Management solutions generally include:
- Firewalls. A firewall is
a system or group of systems that enforces an access control policy between two networks. The firewall has a dual role as the mechanism
that exists both to block and to permit traffic attempting to access network resources.
assessment. Vulnerability assessment tools evaluate and monitor operating systems and applications for needed fixes to known
problems, such as viruses, worms, unsecured backdoors, and security holes.
- Network vulnerability scanners. Network
vulnerability scanning is the process of checking for all the potential methods an attacker
might use to tamper with an organization's network by analyzing the types of software and
system configurations on a given network.
Threat Management focuses on identifying and responding to anomalous and
malicious events that occur throughout the network. Threat Management solutions generally include a
combination of intrusion detection and security event management technology.
- Intrusion Detection. Intrusion
detection systems monitor network traffic, verify the integrity of system files, monitor network event logs, and may also include
deception systems to lure and trap hackers.
- Security Event Management. Security event
management products actively monitor IT resources across an organization, filter and
correlate events, and automate responses to security incidents.
Trust Management is the practice of protecting and enabling activities
that are of high risk to the enterprise. These solutions rely on encryption and access control
techniques to create a secure process for authorized individuals. Trust Management solutions
- Public Key
Infrastructure (PKI) is the combination of encryption technologies, digital certificates, and
certificate authorities that allows enterprises to protect the security of their communications
and business transactions on the Internet.
- Virtual Private Networks. A Virtual Private
Network (VPN) is a private data network that uses the public telecommunication infrastructure
(as opposed to a system of owned or leased lines), maintaining privacy through the use of a
tunneling protocols and security procedures.
For more information on choosing the right security solution for your company,
please read our Security
Go to Bitpipe Research Guide: Security.